All 3 CVE vulnerabilities found in nocobase, with AI-generated Chinese analysis, references, and POCs.
Vendor: n/a
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-34825 | NocoBase Has SQL Injection via template variable substitution in workflow SQL node CWE-89 | 8.8AI | HighAI | 2026-04-02 |
| CVE-2026-34156 | NocoBase Affected by Sandbox Escape to RCE via console._stdout Prototype Chain Traversal in Workflow Script Node CWE-913 | 10.0 | Critical | 2026-03-31 |
| CVE-2025-13877 | nocobase JWT Service jwt-service.ts hard-coded key CWE-321 | 5.6 | Medium | 2025-12-02 |
All 3 known CVE vulnerabilities affecting nocobase with full Chinese analysis, references, and POCs where available.