Go/github.com/nhost/nhost — 5 CVEs

CRITICAL9.8CVE-2026-41574Nhost Vulnerable to Account Takeover via OAuth Email Verification Bypass

from 0, < 0.0.0-20260417112436-ec8dab3f2cf4

HIGH7.5CVE-2026-34969Nhost Leaks Refresh Tokens via URL Query Parameter in OAuth Provider Callback

from 0, < 0.0.0-20260330133707-294954e0fc3a

MEDIUM5.4CVE-2026-47671Nhost CLI local configserver allows cross-origin unauthenticated read/write access to local development configuration and secrets

from 0, < 0.0.0-20260518172022-e407511627d2

MEDIUM5.3Nhost Storage Affected by MIME Type Spoofing via Trusted Client Content-Type Header in Storage Upload in github.com/nhost/nhost

from 0, < 0.0.0-20260318074820-c4bd53f042d7

MEDIUM5.3Nhost Storage Affected by MIME Type Spoofing via Trusted Client Content-Type Header in Storage Upload in github.com/nhost/nhost

from 0, < 0.0.0-20260318074820-c4bd53f042d7

pkg:Go/github.com/nhost/nhost

✅ Check your installed version

All known vulnerabilities