CVE-2026-47382
Deferred Deferred - Pending Action

TCP Socket Connection Bypass in NocoDB

Vulnerability report for CVE-2026-47382, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-23

Last updated on: 2026-06-24

Assigner: GitHub, Inc.

Description

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the connection-test endpoint opened a raw TCP socket to the user-supplied database host without resolving and range-checking the destination, so private and link-local addresses (including IPv4-mapped IPv6 forms and localhost) reached the driver. This vulnerability is fixed in 2026.05.1.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-23
Last Modified
2026-06-24
Generated
2026-07-14
AI Q&A
2026-06-24
EPSS Evaluated
2026-07-13
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
nocodb nocodb to 2026.05.1 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

The vulnerability CVE-2026-47382 is a Server-Side Request Forgery (SSRF) issue that could allow authenticated users to probe internal services and databases without proper validation. This could potentially expose sensitive internal resources or data.

Such unauthorized access or exposure of internal systems may lead to non-compliance with data protection regulations like GDPR or HIPAA, which require strict controls over access to sensitive data and internal networks.

However, the provided information does not explicitly state the direct impact on compliance with these standards.

Executive Summary

The vulnerability in NocoDB prior to version 2026.05.1 involves the connection-test endpoint opening a raw TCP socket to a user-supplied database host without properly resolving or range-checking the destination address.

This means that private and link-local IP addresses, including IPv4-mapped IPv6 forms and localhost addresses, could be reached by the driver, potentially allowing unintended access to internal or restricted network resources.

The issue was fixed in version 2026.05.1 by adding proper checks to prevent such connections.

Impact Analysis

This vulnerability could allow an attacker or user to connect to internal or private network addresses that should not be accessible, potentially exposing sensitive internal services or data.

By reaching private or link-local addresses through the connection-test endpoint, unauthorized access or information disclosure could occur, increasing the risk of network reconnaissance or exploitation of internal systems.

Mitigation Strategies

To mitigate this vulnerability, update NocoDB to version 2026.05.1 or later, where the issue with the connection-test endpoint has been fixed.

Detection Guidance

This vulnerability can be detected by monitoring and testing the connection-test endpoint in NocoDB versions prior to 2026.05.1 for unauthorized or unexpected raw TCP socket connections to internal or private IP addresses.

To detect potential exploitation, you can check network traffic or logs for connection attempts from NocoDB to private, loopback, or link-local IP ranges.

Suggested commands include using network monitoring tools like tcpdump or netstat to observe outgoing connections from the NocoDB server.

  • Use tcpdump to capture outgoing TCP connections from the NocoDB server: sudo tcpdump -i <interface> tcp and src host <nocodb-server-ip>
  • Use netstat or ss to list current TCP connections and check for connections to private IP ranges: netstat -tnp | grep nocodb or ss -tnp | grep nocodb
  • Check application logs for connection-test endpoint usage or unusual database host connection attempts.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-47382. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart