
NocoDB MCP Token Service Allows Unauthorized Access

CVE-2026-28361 GHSA-p9x3-w98f-7j3q
Summary

An attacker with the Creator role in the same base as a target user can access, delete, or regenerate the user's MCP tokens if they know the token ID. This could lead to denial of service or unauthorized access to sensitive data. NocoDB users should update to the latest version to address this vulnerability.

What to do
  • Update pranavxc nocodb to version 0.301.3.
Affected software
| Vendor   | Product | Affected versions | Fix available |
|----------|---------|-------------------|---------------|
| pranavxc | nocodb  | <= 0.301.2        | 0.301.3       |
| nocodb   | nocodb  | <= 0.301.3        |               |
Original title
NocoDB Missing Ownership Validation in MCP Token Operations
Original description
### Summary
The MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known.

### Details
`McpTokenService.get()`, `regenerateToken()`, and `delete()` did not filter by `fk_user_id`. The analogous `ApiTokensService` correctly enforced ownership.
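To show the bug class the Details section describes (CWE-639: a record looked up by a user-controlled key with no ownership predicate), here is an added example that is not NocoDB's code: a hypothetical in-memory token service with the unchecked lookup next to the ownership-checked one that `get()`, `regenerateToken()` and `delete()` share after the fix. The field name `fk_user_id` follows the advisory; the user, base and token IDs are constructed.

```typescript
// Hypothetical in-memory MCP token service (illustration, not NocoDB's code).
import { randomBytes } from "crypto";

interface McpToken { id: string; fk_user_id: string; base_id: string; token: string }

const mint = (): string => randomBytes(16).toString("hex");

class McpTokenService {
  private tokens = new Map<string, McpToken>();

  constructor(seed: McpToken[] = []) { seed.forEach((t) => this.tokens.set(t.id, t)); }

  // Vulnerable shape: the lookup is keyed only on the caller-supplied token ID,
  // so any caller who knows (or guesses) the ID reaches another user's token.
  getUnchecked(tokenId: string): McpToken | undefined {
    return this.tokens.get(tokenId);
  }

  // Fixed shape: ownership is part of the lookup predicate. A Creator in the same
  // base who supplies someone else's token ID gets the same result as a bad ID,
  // so the check also avoids confirming that the token exists.
  get(tokenId: string, requesterId: string): McpToken | undefined {
    const t = this.tokens.get(tokenId);
    return t && t.fk_user_id === requesterId ? t : undefined;
  }

  // Rotation only ever invalidates the requester's own secret; without the check,
  // the same call would be the denial-of-service path the advisory describes.
  regenerateToken(tokenId: string, requesterId: string): McpToken | undefined {
    const t = this.get(tokenId, requesterId);
    if (!t) return undefined;
    t.token = mint();
    return t;
  }

  delete(tokenId: string, requesterId: string): boolean {
    return this.get(tokenId, requesterId) ? this.tokens.delete(tokenId) : false;
  }
}

// Constructed sample data: two users sharing one base, one MCP token each.
const svc = new McpTokenService([
  { id: "tok-alice", fk_user_id: "alice", base_id: "base-1", token: mint() },
  { id: "tok-bob", fk_user_id: "bob", base_id: "base-1", token: mint() },
]);
```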

### Impact
Limited — requires Creator role and knowledge of target token ID. Primary risk is denial of service (invalidating tokens) and scoped token disclosure.

### Credit
This issue was reported by [@bugbunny-research](https://github.com/bugbunny-research) (bugbunny.ai).
NVD CVSS 3.1: 6.3
NVD CVSS 4.0: 4.9
Vulnerability type
CWE-639 Authorization Bypass Through User-Controlled Key
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026