Browse all 3 CVE security advisories affecting nhost. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-34969 | Nhost Leaks the Refresh Token via URL Query Parameter in OAuth Provider Callback — nhostCWE-200 | 5.3AI | MediumAI | 2026-04-06 |
| CVE-2026-34200 | Nhost CLI MCP Server: Missing Inbound Authentication on Explicitly Bound Network Port — nhostCWE-306 | 8.0 | - | 2026-03-31 |
| CVE-2026-33221 | Nhost Storage Affected by MIME Type Spoofing via Trusted Client Content-Type Header in Storage Upload — nhostCWE-345 | 9.1 | - | 2026-03-20 |
This page lists every published CVE security advisory associated with nhost. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.