A vulnerability was found in NocoBase up to 2.1.20. It has been classified as problematic. This affects an unknown part of the component ServerRequest Wrapper. This manipulation causes server-side request forgery.

This vulnerability is registered as CVE-2026-58468. Remote exploitation of the attack is possible. No exploit is available.