nextcloud

Top products

The 15 most recently published vulnerabilities affecting nextcloud.

• CVE-2026-45810Nextcloud: Propfind requests for file comments allowed to load comments for other files6.8Jun 1, 2026
• CVE-2026-45722Nextcloud: Tables app allows limited SQLi in ORDER BY with malicious sort order argument for Table Views7.1Jun 1, 2026
• CVE-2026-45691Nextcloud: Bypass of second factor authentication on DAV endpoints5.9Jun 1, 2026
• CVE-2026-45690Nextcloud: Two-Factor Authentication Bypass via Pending Session Token Replay5.9Jun 1, 2026
• CVE-2026-45545Nextcloud: SQL Injection in Column Type Parameter Allows Arbitrary SQL Execution8.2Jun 1, 2026
• CVE-2026-45544Nextcloud: Information Disclosure of view filter metdata via Broken Sensitive Data Masking in ViewService4.3Jun 1, 2026
• CVE-2026-45543Nextcloud: Deleting a Forms collaborator share leaves uploaded response files accessible through a lingering Files share5.3Jun 1, 2026
• CVE-2026-45286Nextcloud: Calendar app leaked user identifiers via attendee suggestion endpoint4.3Jun 1, 2026
• CVE-2026-45284Nextcloud: Wrong condition in the User OIDC app's LdapService allowed deleted LDAP users to authenticate4.6Jun 1, 2026
• CVE-2026-45285Nextcloud: Hidden Public Link creation when sharing to a Team External Member6.4Jun 1, 2026
• CVE-2026-45283Nextcloud: Files Lock app allows users to lock and unlock files of other users6.3Jun 1, 2026
• CVE-2026-45282Nextcloud: Logged-in user bypasses share password and download restrictions on Text attachments via documentId leads to unauthorized file access6.5Jun 1, 2026
• CVE-2026-45281Nextcloud: Cross-Account Calendar Takeover via Unauthorized Group-Member-Set Update8.1Jun 1, 2026
• CVE-2026-45279Nextcloud: Limited path traversal via template API if using `{lang}` in config4.4Jun 1, 2026
• CVE-2026-45278Nextcloud: Open Redirect in user_oidc login flow via protocol-relative URL bypass3.3Jun 1, 2026