nocodb
v0.301.3npm· JavaScriptNocoDB Backend
The verdict
Maintained. Maintained, actively maintained. Catch: 8 moderate advisories — review before adopting; pulls in 163 runtime dependencies.
Catch: 8 moderate advisories — review before adopting; pulls in 163 runtime dependencies.
Live from the npm registry · derived rules, not AI
How it scores
MaintenanceHealthy
PopularityUnknown
Security8 advisories
LicenseOther
DepsHeavy
Maintenance
Last published 3 months ago.
Popularity
Download count unavailable.
Security
8 known advisories (worst: moderate).
License
Sustainable Use License
Dependencies
163 direct dependencies
Security advisories
Live from OSV.dev · cached 24h- MEDIUMNocoDB: SSRF Protection Bypass in Notification Webhook Plugins (Slack, Discord, Mattermost, Teams)GHSA-2c5x-4jgf-88mj Published 2026-05-21
- MEDIUMNocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk ExhaustionGHSA-99vc-2jx2-688p Published 2026-05-21
- MEDIUMNocoDB: Reflected Cross-Site Scripting via Page Leaving Redirect URLGHSA-9qgr-6vpg-9gh9 Published 2026-05-21
- MEDIUMNocoDB: Shared-base link access can invite arbitrary users as persistent base membersGHSA-chqv-vrj7-qffp Published 2026-05-21
- MEDIUMNocoDB: Refresh Token Cookie Set Without `secure` and `sameSite` FlagsGHSA-f74w-272x-mqcv Published 2026-05-21
- LOWNocoDB: Attachment Size Limit Bypass via Upload-by-URLGHSA-8rwr-f68v-cvw6 Published 2026-05-21
- LOWNocoDB: Stale Auth Cache After API Token DeletionGHSA-f76x-f9vj-92jv Published 2026-05-21
- LOWNocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope EscalationGHSA-m5qg-rvjq-727p Published 2026-05-21
Recent releases
- 0.301.33 months ago
- 0.301.24 months ago
- 0.301.15 months ago
- 0.301.05 months ago
- 0.300.05 months ago
- 0.265.18 months ago
- 0.265.08 months ago
- 0.264.98 months ago