Every CVE whose affected-product data names Nhost Nhost/auth, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2026-41574 — CVSS 9.8 (critical): Nhost is an open source Firebase alternative with GraphQL. Prior to version 0.49.1, Nhost automatically links an incoming OAuth identity to…
CVE-2026-34969 — CVSS 7.5 (high): Nhost is an open source Firebase alternative with GraphQL. Prior to 0.48.0, the auth service's OAuth provider callback flow places the…