|
291
|
4.4 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31.0.0 to before 31.0.14, and 32.0.0 to before 32.0.4, if {lang} is used in the template directory config…
New
|
CWE-22
Path Traversal
|
CVE-2026-45279
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292
|
8.1 |
HIGH
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, with the knowledge of other users’ principal URL an…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-45281
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authenticated attacker can access attachments of…
New
|
CWE-284
Improper Access Control
|
CVE-2026-45282
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.2, and 33.0.0 to before 33.0.1, the files_lock app did not properly validate the ow…
New
|
CWE-287
Improper Authentication
|
CVE-2026-45283
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295
|
4.6 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From version 1.3.6 to before version 8.4.0, an improper check allowed users that where provided by LDAP to still authenticate towards user …
New
|
CWE-284
Improper Access Control
|
CVE-2026-45284
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296
|
6.4 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes…
New
|
CWE-862
Missing Authorization
|
CVE-2026-45285
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 5.5.13 to before 5.5.17, and 6.2.0 to before 6.2.3, an authenticated user can enumerate users on the same Nextcloud instance …
New
|
CWE-200
Information Exposure
|
CVE-2026-45286
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From version 4.3.0 to before version 5.2.7, a removed collaborator retains unauthorized read access to uploaded respondent files for the af…
New
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2026-45543
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. Th…
New
|
CWE-1230
Exposure of Sensitive Information Through Metadata
|
CVE-2026-45544
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300
|
8.2 |
HIGH
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 0.7.0 to before 0.7.7, 0.8.0 to before 0.8.10, 0.9.0 to before 0.9.8, and 1.0.0 to before 1.0.4, an authenticated attacker wi…
New
|
CWE-89
SQL Injection
|
CVE-2026-45545
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
