cbcvebase.
CVE-2025-66551
published 2025-12-05

CVE-2025-66551: Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.6 and 0.9.3, a malicious user was able to create their own table…

PriorityP421medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
EPSS
0.21%
10.7th percentile
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.6 and 0.9.3, a malicious user was able to create their own table and then move a column to a victims table. This vulnerability is fixed in 0.8.6 and 0.9.3.

Affected

4 ranges
VendorProductVersion rangeFixed in
nextcloudsecurity-advisories< 0.8.60.8.6
nextcloudsecurity-advisories
nextcloudtables>= 0.4.0 < 0.8.60.8.6
nextcloudtables>= 0.9.0 < 0.9.30.9.3
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.