Package impact
Go / github.com/nhost/nhost
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41574 | critical | 9.8 | 9.8 | 27d ago | Nhost Vulnerable to Account Takeover via OAuth Email Verification Bypass | |||
| CVE-2026-33221 | medium | 5.3 | 5.3 | 3mo ago | Nhost is an open source Firebase alternative with GraphQL. Prior to version 0.12.0, the storage service's file upload handler trusts the client-provided Content-Type header without performing server-… | |||
| CVE-2026-34969 | unknown | — | — | 2mo ago | Nhost Leaks Refresh Tokens via URL Query Parameter in OAuth Provider Callback |