Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-45281 (GCVE-0-2026-45281)
Vulnerability from cvelistv5 – Published: 2026-06-01 16:52 – Updated: 2026-06-01 19:22- CWE-639 - Authorization Bypass Through User-Controlled Key
| URL | Tags |
|---|---|
| https://github.com/nextcloud/security-advisories/… | x_refsource_CONFIRM |
| https://github.com/nextcloud/server/pull/59962 | x_refsource_MISC |
| https://hackerone.com/reports/3545964 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| nextcloud | security-advisories |
Affected:
>= 32.0.0, < 32.0.9
Affected: >= 33.0.0, < 33.0.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-45281",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T19:22:37.089766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T19:22:51.714Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "\u003e= 32.0.0, \u003c 32.0.9"
},
{
"status": "affected",
"version": "\u003e= 33.0.0, \u003c 33.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, with the knowledge of other users\u2019 principal URL an attacker could possibly send a request to gain full access to their calendar. Therefore, the attacker must be an authenticated user. This is because of improper authorization controls in the backend of the calendar. If the attacker had access to the calendar, they would be able to view and modify it. It is recommended that the Nextcloud Server is upgraded to 33.0.3 or 32.0.9. It is recommended that the Nextcloud Enterprise Server is upgraded to 33.0.3, 32.0.9, 31.0.14.5, 30.0.17.9, 29.0.16.16, 28.0.14.17, 27.1.11.26, 26.0.13.26, 25.0.13.29, 24.0.12.34, 23.0.12.35, 22.2.10.39, or 21.0.9.23"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639: Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T16:52:57.245Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-hrrv-mp25-26vv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-hrrv-mp25-26vv"
},
{
"name": "https://github.com/nextcloud/server/pull/59962",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/server/pull/59962"
},
{
"name": "https://hackerone.com/reports/3545964",
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/3545964"
}
],
"source": {
"advisory": "GHSA-hrrv-mp25-26vv",
"discovery": "UNKNOWN"
},
"title": "Nextcloud: Cross-Account Calendar Takeover via Unauthorized Group-Member-Set Update"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-45281",
"datePublished": "2026-06-01T16:52:57.245Z",
"dateReserved": "2026-05-11T18:41:13.157Z",
"dateUpdated": "2026-06-01T19:22:51.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-45281",
"date": "2026-07-19",
"epss": "0.00284",
"percentile": "0.20394"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-45281\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-06-01T19:16:50.193\",\"lastModified\":\"2026-06-17T10:51:51.607\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, with the knowledge of other users\u2019 principal URL an attacker could possibly send a request to gain full access to their calendar. Therefore, the attacker must be an authenticated user. This is because of improper authorization controls in the backend of the calendar. If the attacker had access to the calendar, they would be able to view and modify it. It is recommended that the Nextcloud Server is upgraded to 33.0.3 or 32.0.9. It is recommended that the Nextcloud Enterprise Server is upgraded to 33.0.3, 32.0.9, 31.0.14.5, 30.0.17.9, 29.0.16.16, 28.0.14.17, 27.1.11.26, 26.0.13.26, 25.0.13.29, 24.0.12.34, 23.0.12.35, 22.2.10.39, or 21.0.9.23\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"nextcloud\",\"product\":\"security-advisories\",\"versions\":[{\"version\":\"\u003e= 32.0.0, \u003c 32.0.9\",\"status\":\"affected\"},{\"version\":\"\u003e= 33.0.0, \u003c 33.0.3\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-06-01T19:22:37.089766Z\",\"id\":\"CVE-2026-45281\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-639\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"32.0.0\",\"versionEndExcluding\":\"32.0.9\",\"matchCriteriaId\":\"A4E473E0-CAC5-4C49-AA6A-84E16C6EAA13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"33.0.0\",\"versionEndExcluding\":\"33.0.3\",\"matchCriteriaId\":\"9B2B8E97-72E8-48AE-85F0-9FB5CE692F14\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"21.0.0\",\"versionEndExcluding\":\"21.0.9.23\",\"matchCriteriaId\":\"2F118C4C-9CF2-497D-9A90-4F391168F493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"22.0.0\",\"versionEndExcluding\":\"22.2.10.39\",\"matchCriteriaId\":\"A9443F7A-38CD-441C-BC70-5D4D3583844C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"23.0.0\",\"versionEndExcluding\":\"23.0.12.35\",\"matchCriteriaId\":\"60E3FB11-35BB-46B3-9E02-240A5D15B317\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"24.0.0\",\"versionEndExcluding\":\"24.0.12.34\",\"matchCriteriaId\":\"3B2A3BB9-41AF-4B72-BE89-46449D319621\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"25.0.0\",\"versionEndExcluding\":\"25.0.13.29\",\"matchCriteriaId\":\"4D7B9C9B-FF0D-45DC-A01F-BC3CB17DA04A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"26.0.0\",\"versionEndExcluding\":\"26.0.13.26\",\"matchCriteriaId\":\"C8C972D9-57A2-4679-A4DC-B696BCCBE5F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"27.0.0\",\"versionEndExcluding\":\"27.1.11.26\",\"matchCriteriaId\":\"78AA1EC1-DCA9-41F4-BEE1-07DCC04F11DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"28.0.0\",\"versionEndExcluding\":\"28.0.14.17\",\"matchCriteriaId\":\"F4136154-9B03-43BC-BD91-D57827E1BAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"29.0.0\",\"versionEndExcluding\":\"29.0.16.16\",\"matchCriteriaId\":\"C98F45A0-2CF9-4534-8EEA-52AA5682DFA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"30.0.0\",\"versionEndExcluding\":\"30.0.17.9\",\"matchCriteriaId\":\"DA06C26B-C42D-4760-BE2D-F20749B36EF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"31.0.0\",\"versionEndExcluding\":\"31.0.14.5\",\"matchCriteriaId\":\"4FA400BC-693E-461C-B900-37D8ECA22407\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"32.0.0\",\"versionEndExcluding\":\"32.0.9\",\"matchCriteriaId\":\"E0868A4E-159B-40EC-9633-82B82E87ADA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"33.0.0\",\"versionEndExcluding\":\"33.0.3\",\"matchCriteriaId\":\"1AD6566B-8299-4BDD-9ADD-8259D0EE4245\"}]}]}],\"references\":[{\"url\":\"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-hrrv-mp25-26vv\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/nextcloud/server/pull/59962\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://hackerone.com/reports/3545964\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Permissions Required\"]}]}}",
"redhat_vex": {
"current_release_date": "2026-06-28T07:39:32+00:00",
"cve": "CVE-2026-45281",
"id": "CVE-2026-45281",
"initial_release_date": "2026-06-01T16:52:57.245000+00:00",
"product_status:known_not_affected": "1",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "nextcloud-server: Nextcloud Server: Authenticated users can gain full calendar access due to improper authorization.",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-45281.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-45281\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-01T19:22:37.089766Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-01T19:22:47.816Z\"}}], \"cna\": {\"title\": \"Nextcloud: Cross-Account Calendar Takeover via Unauthorized Group-Member-Set Update\", \"source\": {\"advisory\": \"GHSA-hrrv-mp25-26vv\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"nextcloud\", \"product\": \"security-advisories\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 32.0.0, \u003c 32.0.9\"}, {\"status\": \"affected\", \"version\": \"\u003e= 33.0.0, \u003c 33.0.3\"}]}], \"references\": [{\"url\": \"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-hrrv-mp25-26vv\", \"name\": \"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-hrrv-mp25-26vv\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/nextcloud/server/pull/59962\", \"name\": \"https://github.com/nextcloud/server/pull/59962\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://hackerone.com/reports/3545964\", \"name\": \"https://hackerone.com/reports/3545964\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, with the knowledge of other users\\u2019 principal URL an attacker could possibly send a request to gain full access to their calendar. Therefore, the attacker must be an authenticated user. This is because of improper authorization controls in the backend of the calendar. If the attacker had access to the calendar, they would be able to view and modify it. It is recommended that the Nextcloud Server is upgraded to 33.0.3 or 32.0.9. It is recommended that the Nextcloud Enterprise Server is upgraded to 33.0.3, 32.0.9, 31.0.14.5, 30.0.17.9, 29.0.16.16, 28.0.14.17, 27.1.11.26, 26.0.13.26, 25.0.13.29, 24.0.12.34, 23.0.12.35, 22.2.10.39, or 21.0.9.23\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-639\", \"description\": \"CWE-639: Authorization Bypass Through User-Controlled Key\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-06-01T16:52:57.245Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-45281\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-01T19:22:51.714Z\", \"dateReserved\": \"2026-05-11T18:41:13.157Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-06-01T16:52:57.245Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
bit-nextcloud-2026-45281
Vulnerability from bitnami_vulndb
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, with the knowledge of other users’ principal URL an attacker could possibly send a request to gain full access to their calendar. Therefore, the attacker must be an authenticated user. This is because of improper authorization controls in the backend of the calendar. If the attacker had access to the calendar, they would be able to view and modify it. It is recommended that the Nextcloud Server is upgraded to 33.0.3 or 32.0.9. It is recommended that the Nextcloud Enterprise Server is upgraded to 33.0.3, 32.0.9, 31.0.14.5, 30.0.17.9, 29.0.16.16, 28.0.14.17, 27.1.11.26, 26.0.13.26, 25.0.13.29, 24.0.12.34, 23.0.12.35, 22.2.10.39, or 21.0.9.23
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "nextcloud",
"purl": "pkg:bitnami/nextcloud"
},
"ranges": [
{
"events": [
{
"introduced": "32.0.0"
},
{
"fixed": "32.0.9"
},
{
"introduced": "33.0.0"
},
{
"fixed": "33.0.3"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2026-45281"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:nextcloud:nextcloud:*:*:*:*:*:*:*:*"
],
"severity": "High"
},
"details": "Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, with the knowledge of other users\u2019 principal URL an attacker could possibly send a request to gain full access to their calendar. Therefore, the attacker must be an authenticated user. This is because of improper authorization controls in the backend of the calendar. If the attacker had access to the calendar, they would be able to view and modify it. It is recommended that the Nextcloud Server is upgraded to 33.0.3 or 32.0.9. It is recommended that the Nextcloud Enterprise Server is upgraded to 33.0.3, 32.0.9, 31.0.14.5, 30.0.17.9, 29.0.16.16, 28.0.14.17, 27.1.11.26, 26.0.13.26, 25.0.13.29, 24.0.12.34, 23.0.12.35, 22.2.10.39, or 21.0.9.23",
"id": "BIT-nextcloud-2026-45281",
"modified": "2026-07-13T00:08:34.851Z",
"published": "2026-07-12T23:48:02.636Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-hrrv-mp25-26vv"
},
{
"type": "WEB",
"url": "https://github.com/nextcloud/server/pull/59962"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/3545964"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45281"
}
],
"schema_version": "1.6.2",
"summary": "Nextcloud: Cross-Account Calendar Takeover via Unauthorized Group-Member-Set Update"
}
FKIE_CVE-2026-45281
Vulnerability from fkie_nvd - Published: 2026-06-01 19:16 - Updated: 2026-06-17 10:51| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/nextcloud/security-advisories/security/advisories/GHSA-hrrv-mp25-26vv | Mitigation, Vendor Advisory | |
| security-advisories@github.com | https://github.com/nextcloud/server/pull/59962 | Issue Tracking, Patch | |
| security-advisories@github.com | https://hackerone.com/reports/3545964 | Permissions Required |
{
"affected": [
{
"affectedData": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "\u003e= 32.0.0, \u003c 32.0.9"
},
{
"status": "affected",
"version": "\u003e= 33.0.0, \u003c 33.0.3"
}
]
}
],
"source": "security-advisories@github.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*",
"matchCriteriaId": "A4E473E0-CAC5-4C49-AA6A-84E16C6EAA13",
"versionEndExcluding": "32.0.9",
"versionStartIncluding": "32.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*",
"matchCriteriaId": "9B2B8E97-72E8-48AE-85F0-9FB5CE692F14",
"versionEndExcluding": "33.0.3",
"versionStartIncluding": "33.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "2F118C4C-9CF2-497D-9A90-4F391168F493",
"versionEndExcluding": "21.0.9.23",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "A9443F7A-38CD-441C-BC70-5D4D3583844C",
"versionEndExcluding": "22.2.10.39",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "60E3FB11-35BB-46B3-9E02-240A5D15B317",
"versionEndExcluding": "23.0.12.35",
"versionStartIncluding": "23.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "3B2A3BB9-41AF-4B72-BE89-46449D319621",
"versionEndExcluding": "24.0.12.34",
"versionStartIncluding": "24.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "4D7B9C9B-FF0D-45DC-A01F-BC3CB17DA04A",
"versionEndExcluding": "25.0.13.29",
"versionStartIncluding": "25.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "C8C972D9-57A2-4679-A4DC-B696BCCBE5F3",
"versionEndExcluding": "26.0.13.26",
"versionStartIncluding": "26.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "78AA1EC1-DCA9-41F4-BEE1-07DCC04F11DB",
"versionEndExcluding": "27.1.11.26",
"versionStartIncluding": "27.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "F4136154-9B03-43BC-BD91-D57827E1BAE3",
"versionEndExcluding": "28.0.14.17",
"versionStartIncluding": "28.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "C98F45A0-2CF9-4534-8EEA-52AA5682DFA5",
"versionEndExcluding": "29.0.16.16",
"versionStartIncluding": "29.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "DA06C26B-C42D-4760-BE2D-F20749B36EF1",
"versionEndExcluding": "30.0.17.9",
"versionStartIncluding": "30.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "4FA400BC-693E-461C-B900-37D8ECA22407",
"versionEndExcluding": "31.0.14.5",
"versionStartIncluding": "31.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "E0868A4E-159B-40EC-9633-82B82E87ADA0",
"versionEndExcluding": "32.0.9",
"versionStartIncluding": "32.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "1AD6566B-8299-4BDD-9ADD-8259D0EE4245",
"versionEndExcluding": "33.0.3",
"versionStartIncluding": "33.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, with the knowledge of other users\u2019 principal URL an attacker could possibly send a request to gain full access to their calendar. Therefore, the attacker must be an authenticated user. This is because of improper authorization controls in the backend of the calendar. If the attacker had access to the calendar, they would be able to view and modify it. It is recommended that the Nextcloud Server is upgraded to 33.0.3 or 32.0.9. It is recommended that the Nextcloud Enterprise Server is upgraded to 33.0.3, 32.0.9, 31.0.14.5, 30.0.17.9, 29.0.16.16, 28.0.14.17, 27.1.11.26, 26.0.13.26, 25.0.13.29, 24.0.12.34, 23.0.12.35, 22.2.10.39, or 21.0.9.23"
}
],
"id": "CVE-2026-45281",
"lastModified": "2026-06-17T10:51:51.607",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "security-advisories@github.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-45281",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T19:22:37.089766Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-06-01T19:16:50.193",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-hrrv-mp25-26vv"
},
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/nextcloud/server/pull/59962"
},
{
"source": "security-advisories@github.com",
"tags": [
"Permissions Required"
],
"url": "https://hackerone.com/reports/3545964"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-639"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
WID-SEC-W-2026-1471
Vulnerability from csaf_certbund - Published: 2026-05-11 22:00 - Updated: 2026-06-01 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nextcloud Nextcloud Server <32.0.9
Nextcloud / Nextcloud
|
Server <32.0.9 | ||
|
Nextcloud Nextcloud Approval <2.7.2
Nextcloud / Nextcloud
|
Approval <2.7.2 | ||
|
Nextcloud Nextcloud Server <33.0.3
Nextcloud / Nextcloud
|
Server <33.0.3 | ||
|
Nextcloud Nextcloud Forms <5.2.6
Nextcloud / Nextcloud
|
Forms <5.2.6 | ||
|
Nextcloud Nextcloud Calendar <6.2.3
Nextcloud / Nextcloud
|
Calendar <6.2.3 | ||
|
Nextcloud Nextcloud Talk <22.0.11
Nextcloud / Nextcloud
|
Talk <22.0.11 | ||
|
Nextcloud Nextcloud Android Files <33.1.0
Nextcloud / Nextcloud
|
Android Files <33.1.0 | ||
|
Nextcloud Nextcloud Calendar <5.5.17
Nextcloud / Nextcloud
|
Calendar <5.5.17 | ||
|
Nextcloud Nextcloud Talk <23.0.3
Nextcloud / Nextcloud
|
Talk <23.0.3 | ||
|
Nextcloud Nextcloud Talk <21.1.10
Nextcloud / Nextcloud
|
Talk <21.1.10 | ||
|
Nextcloud Nextcloud End-to-End Encryption <2.0.0-rc.7
Nextcloud / Nextcloud
|
End-to-End Encryption <2.0.0-rc.7 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.17.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.17.1 | ||
|
Nextcloud Nextcloud Team Folders <20.1.11
Nextcloud / Nextcloud
|
Team Folders <20.1.11 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.18.1
Nextcloud / Nextcloud
|
End-to-End Encryption <1.18.1 | ||
|
Nextcloud Nextcloud Team Folders <21.0.4
Nextcloud / Nextcloud
|
Team Folders <21.0.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.15.4
Nextcloud / Nextcloud
|
End-to-End Encryption <1.15.4 | ||
|
Nextcloud Nextcloud End-to-End Encryption <1.16.3
Nextcloud / Nextcloud
|
End-to-End Encryption <1.16.3 | ||
|
Nextcloud Nextcloud Team Folders <19.1.16
Nextcloud / Nextcloud
|
Team Folders <19.1.16 | ||
|
Nextcloud Nextcloud User OIDC <8.4.0
Nextcloud / Nextcloud
|
User OIDC <8.4.0 | ||
|
Nextcloud Nextcloud Team Folders <17.0.15
Nextcloud / Nextcloud
|
Team Folders <17.0.15 | ||
|
Nextcloud Nextcloud Collectives <4.3.0
Nextcloud / Nextcloud
|
Collectives <4.3.0 | ||
|
Nextcloud Nextcloud Team Folders <18.1.12
Nextcloud / Nextcloud
|
Team Folders <18.1.12 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Nextcloud ist eine \"on-premise\" Plattform f\u00fcr Dateifreigabe und Zusammenarbeit.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Nextcloud Server und verschiedenen Apps ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um Informationen offenzulegen, und um Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1471 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1471.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1471 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1471"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-2w7v-5299-3hw5 vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-2w7v-5299-3hw5"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-35fx-69q6-xpjr vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-35fx-69q6-xpjr"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-45pj-p7x7-4mhc vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-45pj-p7x7-4mhc"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-4chh-6mhf-p4jj vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4chh-6mhf-p4jj"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-79xf-ffj8-96fm vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-79xf-ffj8-96fm"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-8mpv-ggq8-hf3w vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8mpv-ggq8-hf3w"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-hrrv-mp25-26vv vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-hrrv-mp25-26vv"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-p3qw-7gwx-wg24 vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-p3qw-7gwx-wg24"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-qqgv-fqwp-mjpp vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qqgv-fqwp-mjpp"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-r3xh-x86g-hw4m vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-r3xh-x86g-hw4m"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-r697-74m9-gvf2 vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-r697-74m9-gvf2"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-xpgv-grf9-gm7x vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-xpgv-grf9-gm7x"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-8wjr-5cg8-4w73 vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8wjr-5cg8-4w73"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-h7gm-vgxr-9hcw vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h7gm-vgxr-9hcw"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-j33j-qph5-4wch vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-j33j-qph5-4wch"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-r4gh-f8x6-m55f vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-r4gh-f8x6-m55f"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-v8q8-w6c3-3gv9 vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v8q8-w6c3-3gv9"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-wx2x-822r-rvmf vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wx2x-822r-rvmf"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-x75r-65hm-cw35 vom 2026-05-11",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-x75r-65hm-cw35"
}
],
"source_lang": "en-US",
"title": "Nextcloud: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-01T22:00:00.000+00:00",
"generator": {
"date": "2026-06-02T07:07:28.838+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1471",
"initial_release_date": "2026-05-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-05-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-06-01T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2026-33677, EUVD-2026-33676, EUVD-2026-33675, EUVD-2026-33674, EUVD-2026-33673, EUVD-2026-33671, EUVD-2026-33678, EUVD-2026-33711, EUVD-2026-33710, EUVD-2026-33709, EUVD-2026-33708, EUVD-2026-33707, EUVD-2026-33706, EUVD-2026-33705, EUVD-2026-33704, EUVD-2026-33703, EUVD-2026-33702, EUVD-2026-33679, EUVD-2026-33672"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Android Files \u003c33.1.0",
"product": {
"name": "Nextcloud Nextcloud Android Files \u003c33.1.0",
"product_id": "T053810"
}
},
{
"category": "product_version",
"name": "Android Files 33.1.0",
"product": {
"name": "Nextcloud Nextcloud Android Files 33.1.0",
"product_id": "T053810-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:android_files__33.1.0"
}
}
},
{
"category": "product_version_range",
"name": "Server \u003c32.0.9",
"product": {
"name": "Nextcloud Nextcloud Server \u003c32.0.9",
"product_id": "T053811"
}
},
{
"category": "product_version",
"name": "Server 32.0.9",
"product": {
"name": "Nextcloud Nextcloud Server 32.0.9",
"product_id": "T053811-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:server__32.0.9"
}
}
},
{
"category": "product_version_range",
"name": "Server \u003c33.0.3",
"product": {
"name": "Nextcloud Nextcloud Server \u003c33.0.3",
"product_id": "T053812"
}
},
{
"category": "product_version",
"name": "Server 33.0.3",
"product": {
"name": "Nextcloud Nextcloud Server 33.0.3",
"product_id": "T053812-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:server__33.0.3"
}
}
},
{
"category": "product_version_range",
"name": "User OIDC \u003c8.4.0",
"product": {
"name": "Nextcloud Nextcloud User OIDC \u003c8.4.0",
"product_id": "T053813"
}
},
{
"category": "product_version",
"name": "User OIDC 8.4.0",
"product": {
"name": "Nextcloud Nextcloud User OIDC 8.4.0",
"product_id": "T053813-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:user_oidc__8.4.0"
}
}
},
{
"category": "product_version_range",
"name": "Collectives \u003c4.3.0",
"product": {
"name": "Nextcloud Nextcloud Collectives \u003c4.3.0",
"product_id": "T053814"
}
},
{
"category": "product_version",
"name": "Collectives 4.3.0",
"product": {
"name": "Nextcloud Nextcloud Collectives 4.3.0",
"product_id": "T053814-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:collectives__4.3.0"
}
}
},
{
"category": "product_version_range",
"name": "End-to-End Encryption \u003c1.15.4",
"product": {
"name": "Nextcloud Nextcloud End-to-End Encryption \u003c1.15.4",
"product_id": "T053815"
}
},
{
"category": "product_version",
"name": "End-to-End Encryption 1.15.4",
"product": {
"name": "Nextcloud Nextcloud End-to-End Encryption 1.15.4",
"product_id": "T053815-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:end-to-end_encryption__1.15.4"
}
}
},
{
"category": "product_version_range",
"name": "End-to-End Encryption \u003c1.16.3",
"product": {
"name": "Nextcloud Nextcloud End-to-End Encryption \u003c1.16.3",
"product_id": "T053816"
}
},
{
"category": "product_version",
"name": "End-to-End Encryption 1.16.3",
"product": {
"name": "Nextcloud Nextcloud End-to-End Encryption 1.16.3",
"product_id": "T053816-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:end-to-end_encryption__1.16.3"
}
}
},
{
"category": "product_version_range",
"name": "End-to-End Encryption \u003c1.17.1",
"product": {
"name": "Nextcloud Nextcloud End-to-End Encryption \u003c1.17.1",
"product_id": "T053817"
}
},
{
"category": "product_version",
"name": "End-to-End Encryption 1.17.1",
"product": {
"name": "Nextcloud Nextcloud End-to-End Encryption 1.17.1",
"product_id": "T053817-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:end-to-end_encryption__1.17.1"
}
}
},
{
"category": "product_version_range",
"name": "End-to-End Encryption \u003c1.18.1",
"product": {
"name": "Nextcloud Nextcloud End-to-End Encryption \u003c1.18.1",
"product_id": "T053818"
}
},
{
"category": "product_version",
"name": "End-to-End Encryption 1.18.1",
"product": {
"name": "Nextcloud Nextcloud End-to-End Encryption 1.18.1",
"product_id": "T053818-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:end-to-end_encryption__1.18.1"
}
}
},
{
"category": "product_version_range",
"name": "End-to-End Encryption \u003c2.0.0-rc.7",
"product": {
"name": "Nextcloud Nextcloud End-to-End Encryption \u003c2.0.0-rc.7",
"product_id": "T053819"
}
},
{
"category": "product_version",
"name": "End-to-End Encryption 2.0.0-rc.7",
"product": {
"name": "Nextcloud Nextcloud End-to-End Encryption 2.0.0-rc.7",
"product_id": "T053819-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:end-to-end_encryption__2.0.0-rc.7"
}
}
},
{
"category": "product_version_range",
"name": "Calendar \u003c6.2.3",
"product": {
"name": "Nextcloud Nextcloud Calendar \u003c6.2.3",
"product_id": "T053820"
}
},
{
"category": "product_version",
"name": "Calendar 6.2.3",
"product": {
"name": "Nextcloud Nextcloud Calendar 6.2.3",
"product_id": "T053820-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:calendar__6.2.3"
}
}
},
{
"category": "product_version_range",
"name": "Calendar \u003c5.5.17",
"product": {
"name": "Nextcloud Nextcloud Calendar \u003c5.5.17",
"product_id": "T053821"
}
},
{
"category": "product_version",
"name": "Calendar 5.5.17",
"product": {
"name": "Nextcloud Nextcloud Calendar 5.5.17",
"product_id": "T053821-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:calendar__5.5.17"
}
}
},
{
"category": "product_version_range",
"name": "Approval \u003c2.7.2",
"product": {
"name": "Nextcloud Nextcloud Approval \u003c2.7.2",
"product_id": "T053822"
}
},
{
"category": "product_version",
"name": "Approval 2.7.2",
"product": {
"name": "Nextcloud Nextcloud Approval 2.7.2",
"product_id": "T053822-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:approval__2.7.2"
}
}
},
{
"category": "product_version_range",
"name": "Forms \u003c5.2.6",
"product": {
"name": "Nextcloud Nextcloud Forms \u003c5.2.6",
"product_id": "T053823"
}
},
{
"category": "product_version",
"name": "Forms 5.2.6",
"product": {
"name": "Nextcloud Nextcloud Forms 5.2.6",
"product_id": "T053823-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:forms__5.2.6"
}
}
},
{
"category": "product_version_range",
"name": "Team Folders \u003c17.0.15",
"product": {
"name": "Nextcloud Nextcloud Team Folders \u003c17.0.15",
"product_id": "T053824"
}
},
{
"category": "product_version",
"name": "Team Folders 17.0.15",
"product": {
"name": "Nextcloud Nextcloud Team Folders 17.0.15",
"product_id": "T053824-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:team_folders__17.0.15"
}
}
},
{
"category": "product_version_range",
"name": "Team Folders \u003c18.1.12",
"product": {
"name": "Nextcloud Nextcloud Team Folders \u003c18.1.12",
"product_id": "T053825"
}
},
{
"category": "product_version",
"name": "Team Folders 18.1.12",
"product": {
"name": "Nextcloud Nextcloud Team Folders 18.1.12",
"product_id": "T053825-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:team_folders__18.1.12"
}
}
},
{
"category": "product_version_range",
"name": "Team Folders \u003c19.1.16",
"product": {
"name": "Nextcloud Nextcloud Team Folders \u003c19.1.16",
"product_id": "T053827"
}
},
{
"category": "product_version",
"name": "Team Folders 19.1.16",
"product": {
"name": "Nextcloud Nextcloud Team Folders 19.1.16",
"product_id": "T053827-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:team_folders__19.1.16"
}
}
},
{
"category": "product_version_range",
"name": "Team Folders \u003c20.1.11",
"product": {
"name": "Nextcloud Nextcloud Team Folders \u003c20.1.11",
"product_id": "T053828"
}
},
{
"category": "product_version",
"name": "Team Folders 20.1.11",
"product": {
"name": "Nextcloud Nextcloud Team Folders 20.1.11",
"product_id": "T053828-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:team_folders__20.1.11"
}
}
},
{
"category": "product_version_range",
"name": "Team Folders \u003c21.0.4",
"product": {
"name": "Nextcloud Nextcloud Team Folders \u003c21.0.4",
"product_id": "T053829"
}
},
{
"category": "product_version",
"name": "Team Folders 21.0.4",
"product": {
"name": "Nextcloud Nextcloud Team Folders 21.0.4",
"product_id": "T053829-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:team_folders__21.0.4"
}
}
},
{
"category": "product_version_range",
"name": "Talk \u003c21.1.10",
"product": {
"name": "Nextcloud Nextcloud Talk \u003c21.1.10",
"product_id": "T053830"
}
},
{
"category": "product_version",
"name": "Talk 21.1.10",
"product": {
"name": "Nextcloud Nextcloud Talk 21.1.10",
"product_id": "T053830-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:talk__21.1.10"
}
}
},
{
"category": "product_version_range",
"name": "Talk \u003c22.0.11",
"product": {
"name": "Nextcloud Nextcloud Talk \u003c22.0.11",
"product_id": "T053831"
}
},
{
"category": "product_version",
"name": "Talk 22.0.11",
"product": {
"name": "Nextcloud Nextcloud Talk 22.0.11",
"product_id": "T053831-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:talk__22.0.11"
}
}
},
{
"category": "product_version_range",
"name": "Talk \u003c23.0.3",
"product": {
"name": "Nextcloud Nextcloud Talk \u003c23.0.3",
"product_id": "T053832"
}
},
{
"category": "product_version",
"name": "Talk 23.0.3",
"product": {
"name": "Nextcloud Nextcloud Talk 23.0.3",
"product_id": "T053832-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nextcloud:nextcloud:talk__23.0.3"
}
}
}
],
"category": "product_name",
"name": "Nextcloud"
}
],
"category": "vendor",
"name": "Nextcloud"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-45153",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45153"
},
{
"cve": "CVE-2026-45154",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45154"
},
{
"cve": "CVE-2026-45155",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45155"
},
{
"cve": "CVE-2026-45156",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45156"
},
{
"cve": "CVE-2026-45157",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45157"
},
{
"cve": "CVE-2026-45159",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45159"
},
{
"cve": "CVE-2026-45264",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45264"
},
{
"cve": "CVE-2026-45266",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45266"
},
{
"cve": "CVE-2026-45267",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45267"
},
{
"cve": "CVE-2026-45275",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45275"
},
{
"cve": "CVE-2026-45277",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45277"
},
{
"cve": "CVE-2026-45278",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45278"
},
{
"cve": "CVE-2026-45279",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45279"
},
{
"cve": "CVE-2026-45281",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45281"
},
{
"cve": "CVE-2026-45282",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45282"
},
{
"cve": "CVE-2026-45283",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45283"
},
{
"cve": "CVE-2026-45284",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45284"
},
{
"cve": "CVE-2026-45285",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45285"
},
{
"cve": "CVE-2026-45286",
"product_status": {
"known_affected": [
"T053811",
"T053822",
"T053812",
"T053823",
"T053820",
"T053831",
"T053810",
"T053821",
"T053832",
"T053830",
"T053819",
"T053817",
"T053828",
"T053818",
"T053829",
"T053815",
"T053816",
"T053827",
"T053813",
"T053824",
"T053814",
"T053825"
]
},
"release_date": "2026-05-11T22:00:00.000+00:00",
"title": "CVE-2026-45286"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.