All 3 CVE vulnerabilities found in nhost, with AI-generated Chinese analysis, references, and POCs.
Vendor: nhost
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-34969 | Nhost Leaks the Refresh Token via URL Query Parameter in OAuth Provider Callback CWE-200 | 5.3AI | MediumAI | 2026-04-06 |
| CVE-2026-34200 | Nhost CLI MCP Server: Missing Inbound Authentication on Explicitly Bound Network Port CWE-306 | 8.0 | - | 2026-03-31 |
| CVE-2026-33221 | Nhost Storage Affected by MIME Type Spoofing via Trusted Client Content-Type Header in Storage Upload CWE-345 | 9.1 | - | 2026-03-20 |
All 3 known CVE vulnerabilities affecting nhost with full Chinese analysis, references, and POCs where available.