Nextcloud

Nextcloud

155 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.2%
  • Veröffentlicht 01.06.2026 17:17:09
  • Zuletzt bearbeitet 01.06.2026 18:14:29

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add unknown circles by their ID directly to other circle...

  • EPSS 0.23%
  • Veröffentlicht 01.06.2026 17:17:09
  • Zuletzt bearbeitet 01.06.2026 18:14:29

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a malicious user has access to a file share of a user, they could use this share token to also ac...

  • EPSS 0.2%
  • Veröffentlicht 01.06.2026 17:17:09
  • Zuletzt bearbeitet 01.06.2026 18:14:29

Nextcloud is an open source content collaboration platform. From versions 1.15.0 to before 1.15.4, 1.16.0 to before 1.16.3, 1.17.0 to before 1.17.1, and 1.18.0 to before 1.18.1, a malicious user with access to an end-to-end encrypted files drop link ...

  • EPSS 0.23%
  • Veröffentlicht 01.06.2026 17:17:09
  • Zuletzt bearbeitet 01.06.2026 18:14:29

Nextcloud is an open source content collaboration platform. From versions 17.0.0 to before 17.0.15, 18.0.0 to before 18.1.12, 19.0.0 to before 19.1.16, 20.0.0 to before 20.1.11, and 21.0.0 to before 21.0.4, a user with READ and CREATE permission, but...

  • EPSS 0.25%
  • Veröffentlicht 01.06.2026 17:13:21
  • Zuletzt bearbeitet 04.06.2026 16:51:19

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31.0.0 to before 31.0.12, and 32.0.0 to before 32.0.3, a missing check of a relation allowed authenticated users with access to any file comment, to read th...

  • EPSS 0.29%
  • Veröffentlicht 01.06.2026 17:09:48
  • Zuletzt bearbeitet 04.06.2026 16:50:50

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, a pre-2FA session cookie (created after successful password authentication but before TOTP completion)...

  • EPSS 0.29%
  • Veröffentlicht 01.06.2026 17:08:04
  • Zuletzt bearbeitet 04.06.2026 16:50:29

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authentication bypass vulnerability allowed attackers with knowledge of a user's password to circum...

Exploit
  • EPSS 0.28%
  • Veröffentlicht 01.06.2026 16:59:36
  • Zuletzt bearbeitet 03.06.2026 20:35:59

Nextcloud is an open source content collaboration platform. From versions 5.5.13 to before 5.5.17, and 6.2.0 to before 6.2.3, an authenticated user can enumerate users on the same Nextcloud instance by using the Calendar app's endpoint for suggesting...

  • EPSS 0.29%
  • Veröffentlicht 01.06.2026 16:57:50
  • Zuletzt bearbeitet 03.06.2026 20:34:52

Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes an external member (a person added via email addre...

  • EPSS 0.21%
  • Veröffentlicht 01.06.2026 16:53:50
  • Zuletzt bearbeitet 03.06.2026 17:02:29

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.2, and 33.0.0 to before 33.0.1, the files_lock app did not properly validate the ownership of files when processing DAV lock and unloc...