Skip to main content

Nhost CVE-2026-34200

| EUVDEUVD-2026-17452 HIGH
Missing Authentication for Critical Function (CWE-306)
2026-03-31 GitHub_M
7.7
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

6
Analysis Updated
Apr 16, 2026 - 06:10 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
1.41.0
EUVD ID Assigned
Mar 31, 2026 - 14:30 euvd
EUVD-2026-17452
Analysis Generated
Mar 31, 2026 - 14:30 vuln.today
CVE Published
Mar 31, 2026 - 13:57 nvd
HIGH 7.7

DescriptionGitHub Advisory

Nhost is an open source Firebase alternative with GraphQL. Prior to version 1.41.0, The Nhost CLI MCP server, when explicitly configured to listen on a network port, applies no inbound authentication and does not enforce strict CORS. This allows a malicious website visited on the same machine to issue cross-origin requests to the MCP server and invoke privileged tools using the developer's locally configured credentials. This vulnerability requires two explicit, non-default configuration steps to be exploitable. The default nhost mcp start configuration is not affected. This issue has been patched in version 1.41.0.

AnalysisAI

Nhost CLI MCP server before version 1.41.0 allows cross-origin requests without authentication when explicitly configured to listen on a network port, enabling malicious websites to invoke privileged tools using developer credentials. The vulnerability requires two explicit non-default configuration steps and does not affect the default configuration, significantly limiting real-world exposure.

Technical ContextAI

The Nhost CLI implements a Model Context Protocol (MCP) server that, when configured to bind to a network interface rather than localhost-only, fails to enforce inbound authentication checks or implement strict Cross-Origin Resource Sharing (CORS) policies. This is a failure of the authentication boundary (CWE-306) where the MCP server trusts requests from cross-origin sources without validating the requestor's identity or authorization. The vulnerability leverages browser same-origin policy bypasses to allow a malicious website to make requests to the local MCP server endpoint on behalf of a developer who has the site open, using the developer's already-authenticated credentials stored in the CLI configuration.

RemediationAI

Upgrade Nhost CLI to version 1.41.0 or later, which implements authentication enforcement and strict CORS validation on the MCP server. For users unable to upgrade immediately, avoid configuring the MCP server to listen on network interfaces; instead use the default localhost-only binding via nhost mcp start without explicit network port configuration. The patch pull request at https://github.com/nhost/nhost/pull/4060 contains implementation details for those requiring additional context.

Share

CVE-2026-34200 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy