Nextcloud

Nextcloud

155 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.29%
  • Veröffentlicht 01.06.2026 16:53:18
  • Zuletzt bearbeitet 03.06.2026 17:09:13

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authenticated attacker can access attachments of link shares when knowing the share token, circumve...

  • EPSS 0.28%
  • Veröffentlicht 01.06.2026 16:52:57
  • Zuletzt bearbeitet 03.06.2026 17:11:29

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, with the knowledge of other users’ principal URL an attacker could possibly send a request to gain ful...

  • EPSS 0.39%
  • Veröffentlicht 01.06.2026 16:52:18
  • Zuletzt bearbeitet 03.06.2026 17:15:56

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31.0.0 to before 31.0.14, and 32.0.0 to before 32.0.4, if {lang} is used in the template directory config value, non-admin users can in some cases copy arbi...

  • EPSS 0.27%
  • Veröffentlicht 05.12.2025 16:36:39
  • Zuletzt bearbeitet 10.12.2025 15:14:47

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Enterprise Server prior to 30.0.9 and 31.0.1, incorrect path handling with groupfolders caused the admin_audit app to not properly log all actions on files and folders i...

  • EPSS 0.24%
  • Veröffentlicht 05.12.2025 16:32:17
  • Zuletzt bearbeitet 09.12.2025 16:31:38

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Enterprise Server prior to 31.0.1, non-privileged users can modify tags on files they should not have access to via bulk tagging. This vulnerability is fixed in 31.0.1.

  • EPSS 0.24%
  • Veröffentlicht 05.12.2025 16:22:50
  • Zuletzt bearbeitet 09.12.2025 16:38:19

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Server Enterprise prior to 31.0.12 and 32.0.3, a missing sanitization allowed malicious users to circumvent the content security policy when a malicious user manages to ...

  • EPSS 0.3%
  • Veröffentlicht 05.12.2025 16:18:53
  • Zuletzt bearbeitet 10.12.2025 16:12:34

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 31.0.10 and 32.0.1 and Nextcloud Enterprise Server prior to 28.0.14.11, 29.0.16.8, 30.0.17.3, and 31.0.10, contacts search allowed to retrieve personal data of othe...

Exploit
  • EPSS 0.26%
  • Veröffentlicht 04.12.2025 00:00:00
  • Zuletzt bearbeitet 25.03.2026 21:35:25

Cross-site scripting (XSS) vulnerability in a reachable files_pdfviewer example directory in Nextcloud with versions before 22.2.10.33, 23.0.12.29, 24.0.12.28, 25.0.13.23, 26.0.13.20, 27.1.11.20, 28.0.14.11, 29.0.16.8, 30.0.17, 31.0.10, and 32.0.1 al...

  • EPSS 0.41%
  • Veröffentlicht 16.05.2025 14:35:25
  • Zuletzt bearbeitet 30.09.2025 19:37:40

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 29.0.13, 30.0.7, and 31.0.1 and Nextcloud Enterprise Server prior to 26.0.13.13, 27.1.11.13, 28.0.14.4, 29.0.13, 30.0.7, and 31.0.1, an attacker on a multi-user sys...

  • EPSS 0.66%
  • Veröffentlicht 16.05.2025 14:31:50
  • Zuletzt bearbeitet 08.09.2025 21:54:14

Nextcloud Server is a self hosted personal cloud system, and the Nextcloud Groupfolders app provides admin-configured folders shared by everyone in a group or team. In Nextcloud Server prior to 30.0.2, 29.0.9, and 28.0.1, Nextcloud Enterprise Server ...