|
601
|
8.8 |
HIGH
Network
|
-
|
-
|
An Improper Access Control vulnerability in Ivanti Neurons for ITSM (cloud and on-premises) allows a remote authenticated attacker to gain administrative access.
New
|
CWE-284
Improper Access Control
|
CVE-2026-9614
|
2026-06-2 23:01 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
602
|
4.6 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From version 1.3.6 to before version 8.4.0, an improper check allowed users that where provided by LDAP to still authenticate towards user …
New
|
CWE-284
Improper Access Control
|
CVE-2026-45284
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
603
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 5.5.13 to before 5.5.17, and 6.2.0 to before 6.2.3, an authenticated user can enumerate users on the same Nextcloud instance …
New
|
CWE-200
Information Exposure
|
CVE-2026-45286
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
604
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From version 4.3.0 to before version 5.2.7, a removed collaborator retains unauthorized read access to uploaded respondent files for the af…
New
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2026-45543
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
605
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. Th…
New
|
CWE-1230
Exposure of Sensitive Information Through Metadata
|
CVE-2026-45544
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
606
|
6.4 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes…
New
|
CWE-862
Missing Authorization
|
CVE-2026-45285
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
607
|
8.2 |
HIGH
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 0.7.0 to before 0.7.7, 0.8.0 to before 0.8.10, 0.9.0 to before 0.9.8, and 1.0.0 to before 1.0.4, an authenticated attacker wi…
New
|
CWE-89
SQL Injection
|
CVE-2026-45545
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
608
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authentication bypass vulnerability allowed atta…
New
|
CWE-287
Improper Authentication
|
CVE-2026-45690
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
609
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, a pre-2FA session cookie (created after successful …
New
|
CWE-287
Improper Authentication
|
CVE-2026-45691
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
610
|
7.1 |
HIGH
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 0.9.0 to before 0.9.7, and 1.0.0 to before 1.0.2, a missing sanitization in the Tables app allowed a user with access to the …
New
|
CWE-89
SQL Injection
|
CVE-2026-45722
|
2026-06-2 23:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
