Nextcloud Security-Advisories vulnerabilities

CVE-2025-47794 [LOW] CWE-284 CVE-2025-47794: Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 29.0.13, 30.0. Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 29.0.13, 30.0.7, and 31.0.1 and Nextcloud Enterprise Server prior to 26.0.13.13, 27.1.11.13, 28.0.14.4, 29.0.13, 30.0.7, and 31.0.1, an attacker on a multi-user system may read temporary files from Nextcloud running with a different user account, or run a symlink atta

CVE-2025-47790 [MEDIUM] CWE-287 CVE-2025-47790: Nextcloud Server is a self hosted personal cloud system. Nextcloud Server prior to 29.0.15, 30.0.9, Nextcloud Server is a self hosted personal cloud system. Nextcloud Server prior to 29.0.15, 30.0.9, and 31.0.3 and Nextcloud Enterprise Server prior to 26.0.13.15, 27.1.11.15, 28.0.14.6, 29.0.15, 30.0.9, and 31.0.3 have a bug with session handling. The bug caused skipping the second factor confirmation after a successful login with the username and p

CVE-2025-47792 [MEDIUM] CWE-284 CVE-2025-47792: Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior t Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service. Nextcloud Desktop fixes the issue in version 3.15. No kno

CVE-2025-47793 [MEDIUM] CWE-770 CVE-2025-47793: Nextcloud Server is a self hosted personal cloud system, and the Nextcloud Groupfolders app provides Nextcloud Server is a self hosted personal cloud system, and the Nextcloud Groupfolders app provides admin-configured folders shared by everyone in a group or team. In Nextcloud Server prior to 30.0.2, 29.0.9, and 28.0.1, Nextcloud Enterprise Server prior to 30.0.2 and 29.0.9, and Nextcloud Groupfolders app prior to 18.0.3, 17.0.5, and 16.0.11, the

CVE-2025-47791 [MEDIUM] CWE-918 CVE-2025-47791: Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 28.0.13, 29.0. Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 28.0.13, 29.0.10, and 30.0.3 and Nextcloud Enterprise Server prior to 28.0.13, 29.0.10, and 30.0.3, a currently unused endpoint to verify a share recipient was not protected correctly, allowing to proxy requests to another server. The endpoint was removed in Nextcl

CVE-2024-52519 [LOW] CWE-922 CVE-2024-52519: Nextcloud Server is a self hosted personal cloud system. The OAuth2 client secrets were stored in a Nextcloud Server is a self hosted personal cloud system. The OAuth2 client secrets were stored in a recoverable way, so that an attacker that got access to a backup of the database and the Nextcloud config file, would be able to decrypt them. It is recommended that the Nextcloud Server is upgraded to 28.0.10 or 29.0.7 and Nextcloud Enterprise Server is

CVE-2024-52510 [MEDIUM] CWE-295 CVE-2024-52510: The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Desktop client is upgraded to 3.14.2 or later.

CVE-2024-52525 [LOW] CWE-312 CVE-2024-52525: Nextcloud Server is a self hosted personal cloud system. Under certain conditions the password of a Nextcloud Server is a self hosted personal cloud system. Under certain conditions the password of a user was stored unencrypted in the session data. The session data is encrypted before being saved in the session storage (Redis or disk), but it would allow a malicious process that gains access to the memory of the PHP process, to get access to the clear

CVE-2024-52508 [HIGH] CWE-200 CVE-2024-52508: Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is tr Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like [email protected] that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would be send to the server of the attacker. It is recommended

CVE-2024-52512 [LOW] CWE-601 CVE-2024-52512: user_oidc app is an OpenID Connect user backend for Nextcloud. A malicious user could send a malform user_oidc app is an OpenID Connect user backend for Nextcloud. A malicious user could send a malformed login link that would redirect the user to a provided URL after successfully authenticating. It is recommended that the Nextcloud User OIDC app is upgraded to 6.1.0.

CVE-2024-52513 [LOW] CWE-200 CVE-2024-52513: Nextcloud Server is a self hosted personal cloud system. After receiving a "Files drop" or "Password Nextcloud Server is a self hosted personal cloud system. After receiving a "Files drop" or "Password protected" share link a malicious user was able to download attachments that are referenced in Text files without providing the password. It is recommended that the Nextcloud Server is upgraded to 28.0.11, 29.0.8 or 30.0.1 and Nextcloud Enterprise Serve

CVE-2024-52521 [LOW] CWE-328 CVE-2024-52521: Nextcloud Server is a self hosted personal cloud system. MD5 hashes were used to check background jo Nextcloud Server is a self hosted personal cloud system. MD5 hashes were used to check background jobs for their uniqueness. This increased the chances of a background job with arguments falsely being identified as already existing and not be queued for execution. By changing the Hash to SHA256 the probability was heavily decreased. It is recommended t

CVE-2024-52515 [MEDIUM] CWE-706 CVE-2024-52515: Nextcloud Server is a self hosted personal cloud system. After an admin enables the default-disabled Nextcloud Server is a self hosted personal cloud system. After an admin enables the default-disabled SVG preview provider, a malicious user could upload a manipulated SVG file referencing paths. If the file would exist the preview of the SVG would preview the other file instead. It is recommended that the Nextcloud Server is upgraded to 27.1.10, 28.

CVE-2024-52507 [LOW] CWE-639 CVE-2024-52507: Nextcloud Tables allows users to to create tables with individual columns. The information which Tab Nextcloud Tables allows users to to create tables with individual columns. The information which Table (numeric ID) is shared with which groups and users and the respective permissions was not limited to affected users. It is recommended that the Nextcloud Tables app is upgraded to 0.8.1.

CVE-2024-52511 [MEDIUM] CWE-639 CVE-2024-52511: Nextcloud Tables allows users to to create tables with individual columns. By directly specifying th Nextcloud Tables allows users to to create tables with individual columns. By directly specifying the ID of a table or view, a malicious user could blindly insert new rows into tables they have no access to. It is recommended that the Nextcloud Tables is upgraded to 0.8.0.

CVE-2024-52520 [MEDIUM] CWE-400 CVE-2024-52520: Nextcloud Server is a self hosted personal cloud system. Due to a pre-flighted HEAD request, the lin Nextcloud Server is a self hosted personal cloud system. Due to a pre-flighted HEAD request, the link reference provider could be tricked into downloading bigger websites than intended, to find open-graph data. It is recommended that the Nextcloud Server is upgraded to 28.0.10 or 29.0.7 and Nextcloud Enterprise Server is upgraded to 27.1.11.8, 28.0.

CVE-2024-52517 [MEDIUM] CWE-200 CVE-2024-52517: Nextcloud Server is a self hosted personal cloud system. After storing "Global credentials" on the s Nextcloud Server is a self hosted personal cloud system. After storing "Global credentials" on the server, the API returns them and adds them into the frontend again, allowing to read them in plain text when an attacker already has access to an active session of a user. It is recommended that the Nextcloud Server is upgraded to 28.0.11, 29.0.8 or 30

CVE-2024-52509 [LOW] CWE-284 CVE-2024-52509: Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mai Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients. It is recommended that the Nextcloud Mail is upgraded t

CVE-2024-52523 [MEDIUM] CWE-200 CVE-2024-52523: Nextcloud Server is a self hosted personal cloud system. After setting up a user or administrator de Nextcloud Server is a self hosted personal cloud system. After setting up a user or administrator defined external storage with fixed credentials, the API returns them and adds them into the frontend again, allowing to read them in plain text when an attacker already has access to an active session of a user. It is recommended that the Nextcloud Ser

CVE-2024-52518 [MEDIUM] CWE-287 CVE-2024-52518: Nextcloud Server is a self hosted personal cloud system. After an attacker got access to the session Nextcloud Server is a self hosted personal cloud system. After an attacker got access to the session of a user or administrator, the attacker would be able to create, change or delete external storages without having to confirm the password. It is recommended that the Nextcloud Server is upgraded to 28.0.12, 29.0.9 or 30.0.2.