CyberRota
← Ana sayfaya dön

CVE-2026-53931

UNKNOWN · CVSS N/A EPSS %0.29 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-23T21:17:01.987 · Çekilme zamanı: 2026-06-30T18:30:48.447355+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

GitHub PoC Linkleri
github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-53931
Severity
UNKNOWN
CVSS
N/A
EPSS
%0.29

Orijinal NVD Açıklaması

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-import endpoint axiosRequestMake could be used as a generic HTTP proxy. Before the fix it was reachable unauthenticated, and its URL-extension allowlist was a regex tested against the full URL string, so URLs whose query string ended in .csv satisfies the gate even though the underlying request is for another file. This vulnerability is fixed in 2026.05.1.