CVE-2026-28361 | NocoDB up to 0.301.2 MCP Token Service authorization
A vulnerability identified as critical has been detected in NocoDB up to 0.301.2. Affected is an unknown function of the component MCP Token Service. The manipulation leads to authorization bypass.
This vulnerability is listed as CVE-2026-28361. The attack may be initiated remotely. There is no available exploit.
You should upgrade the affected component.