Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-ug44-xfm9-ukfp
Vulnerability ID VCID-ug44-xfm9-ukfp
Aliases CVE-2026-46554
GHSA-f76x-f9vj-92jv
Summary NocoDB: Stale Auth Cache After API Token Deletion
Status Published
Exploitability 0.5
Weighted Severity 2.7
Risk 1.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-613 Insufficient Session Expiration
System Score Found at
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2026-46554
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2026-46554
cvssv3.1_qr LOW https://github.com/advisories/GHSA-f76x-f9vj-92jv
cvssv4 2.3 https://github.com/nocodb/nocodb
generic_textual LOW https://github.com/nocodb/nocodb
cvssv3.1_qr LOW https://github.com/nocodb/nocodb/security/advisories/GHSA-f76x-f9vj-92jv
cvssv4 2.3 https://github.com/nocodb/nocodb/security/advisories/GHSA-f76x-f9vj-92jv
generic_textual LOW https://github.com/nocodb/nocodb/security/advisories/GHSA-f76x-f9vj-92jv
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2026-46554
https://github.com/nocodb/nocodb
GHSA-f76x-f9vj-92jv https://github.com/advisories/GHSA-f76x-f9vj-92jv
GHSA-f76x-f9vj-92jv https://github.com/nocodb/nocodb/security/advisories/GHSA-f76x-f9vj-92jv
No exploits are available.
Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N Found at https://github.com/nocodb/nocodb
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N Found at https://github.com/nocodb/nocodb/security/advisories/GHSA-f76x-f9vj-92jv
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.17342
EPSS Score 0.00054
Published At June 12, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T20:38:47.958577+00:00 GHSA Importer Import https://github.com/advisories/GHSA-f76x-f9vj-92jv 38.6.0