Skip to main content

NocoDB CVE-2026-47375

| EUVDEUVD-2026-38628 MEDIUM
SQL Injection (CWE-89)
2026-06-05 https://github.com/nocodb/nocodb GHSA-cxv7-gmmp-228p
6.0
CVSS 3.1 · Vendor: https://github.com/nocodb/nocodb
Share

Severity by source

Vendor (https://github.com/nocodb/nocodb) PRIMARY
6.0 MEDIUM
AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H

Primary rating from Vendor (https://github.com/nocodb/nocodb) · only source for this CVE.

CVSS VectorVendor: https://github.com/nocodb/nocodb

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
High

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 05, 2026 - 16:19 vuln.today
Analysis Generated
Jun 05, 2026 - 16:19 vuln.today

DescriptionCVE.org

Summary

An authenticated user with columnAdd permission on a Postgres-backed base can inject arbitrary SQL into the formula engine via the optional direction argument of ARRAYSORT(...). The value is unrestricted by formula validation and embedded into a knex.raw ORDER BY clause, executing during column creation and on every subsequent record read of the formula column.

Details

The vulnerability is specific to the Postgres mapping for ARRAYSORT in packages/nocodb/src/db/functionMappings/pg.ts. Two factors combine:

  1. ARRAYSORT declares only argument count, not validation.args.type, so validate-extract-tree.ts does not enforce an allowlist on the second argument.
  2. The Postgres mapping then passes the attacker-controlled value through sanitize(knex.raw(...)) into a raw SQL fragment:
ts
const direction = pt.arguments[1]
  ? sanitize(
      knex.raw(pt.arguments[1]?.value ?? (await fn(pt.arguments[1])).builder),
    )
  : knex.raw('asc');

return {
  builder: knex.raw(`ARRAY(SELECT UNNEST(??) ORDER BY 1 ??)`, [source, direction]),
};

sanitize() in sqlSanitize.ts only escapes ? placeholder characters; it does not validate SQL syntax. A payload such as "desc, (SELECT COUNT(*) FROM generate_series(1,30000000))" is accepted, persisted, and re-executed on every read of the formula column.

Impact

  • Authenticated SQL injection against Postgres-backed bases.
  • Requires columnAdd permission (creator/owner-level).
  • Proven impact: attacker-controlled heavy SQL causing multi-second query stalls (DoS).
  • Potentially extendable to broader SQL injection outcomes depending on database permissions and deployment hardening.
  • Limited to Postgres backends.

Credit

This issue was reported by @leduckhuong.

AnalysisAI

SQL injection in NocoDB's Postgres formula engine exposes authenticated creators to arbitrary SQL execution via the unvalidated direction argument of the ARRAYSORT(...) formula function. All NocoDB instances on npm/nocodb versions prior to 2026.04.1 using Postgres-backed bases are affected; MySQL and SQLite backends are not. An attacker holding creator/owner-level columnAdd permission can inject persistent SQL that executes during column creation and re-executes on every subsequent read of the formula column, enabling confirmed denial-of-service and potentially broader data access depending on database-level permissions. No public exploit identified at time of analysis; this vulnerability is not listed in CISA KEV.

Technical ContextAI

NocoDB is an open-source no-code database platform (npm package: nocodb) that maps spreadsheet-style formula functions to database-specific SQL via a pluggable function mapping layer. The vulnerable code resides in packages/nocodb/src/db/functionMappings/pg.ts, the Postgres-specific formula mapper built on the knex query builder. The root cause is CWE-89 (Improper Neutralization of Special Elements in an SQL Command), arising from two compounding flaws: first, ARRAYSORT is defined with only an argument count constraint and no validation.args.type declaration, so the formula validator in validate-extract-tree.ts skips allowlist enforcement on the second (direction) argument; second, the Postgres mapper passes the raw user-supplied value through sanitize(knex.raw(...)) where sanitize() in sqlSanitize.ts only escapes ? placeholder characters and performs no SQL syntax validation, allowing the unfiltered value to be embedded directly into a knex.raw ORDER BY clause. The affected CPE is pkg:npm/nocodb.

RemediationAI

Upgrade NocoDB to version 2026.04.1 or later - vendor-released patch confirmed via GitHub release https://github.com/nocodb/nocodb/releases/tag/2026.04.1 and advisory GHSA-cxv7-gmmp-228p at https://github.com/nocodb/nocodb/security/advisories/GHSA-cxv7-gmmp-228p. If immediate upgrade is not feasible, restrict columnAdd permission exclusively to highly trusted administrators, reducing the accounts that can reach the vulnerable code path; this does not eliminate the injection vector but limits exposure. As an additional compensating control, reduce the NocoDB database user's Postgres permissions - for example, revoke access to resource-intensive functions like generate_series - to bound the DoS impact and constrain potential data access from broader SQL injection. Note that permission restrictions are not a substitute for patching, as the root injection vector remains present. Self-hosted operators should also audit existing formula columns for suspicious ARRAYSORT usage with unusual direction values to detect prior exploitation.

CVE-2025-1094 HIGH POC
8.1 Feb 13

PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() improperl

CVE-2024-55964 CRITICAL POC
9.8 Mar 26

An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl

CVE-2013-1899 MEDIUM POC
6.5 Apr 04

Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows re

CVE-2026-20253 CRITICAL POC
9.8 Jun 10

Unauthenticated arbitrary file write in Splunk Enterprise (below 10.2.4 and 10.0.7) and Splunk Cloud Platform (below 10.

CVE-2017-7546 CRITICAL
9.8 Aug 16

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allow

CVE-2015-1352 MEDIUM POC
5.0 Mar 30

The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate t

CVE-2024-10553 CRITICAL POC
9.8 Mar 20

A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitra

CVE-2019-9193 HIGH POC
7.2 Apr 01

In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_serve

CVE-2026-40887 CRITICAL POC
9.1 Apr 14

## Summary An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query strin

CVE-2022-24760 CRITICAL POC
10.0 Mar 12

Parse Server is an open source http web server backend. Rated critical severity (CVSS 10.0), this vulnerability is remot

CVE-2025-56157 CRITICAL POC
9.8 Dec 18

Hard-coded default PostgreSQL credentials shipped in the docker-compose.yaml of langgenius Dify through version 1.5.1 al

CVE-2024-12909 CRITICAL POC
9.8 Mar 20

A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for

Share

CVE-2026-47375 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy