Nextcloud Security-Advisories vulnerabilities
259 known vulnerabilities affecting nextcloud/security-advisories.
Total CVEs: 259
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 11, HIGH 47, MEDIUM 172, LOW 29
Vulnerabilities
Page 3 of 13
CVE-2023-28835 | P3 | HIGH | CVSS 7.5 | CWE-338 | fixed in 24.0.10; >= 25.0.0, < 25.0.4 | 2023-03-30
Nextcloud server is an open source home cloud implementation. In affected versions the generated fallback password when creating a share was using a weak complexity random number generator, so when the sharer did not change it the password could be guessable to an attacker willing to brute force it. It is recommended that the Nextcloud Server is upgra
Source: nvd

CVE-2023-25579 | P3 | HIGH | CVSS 7.5 | CWE-22 | fixed in 23.0.12; >= 24.0.0, < 24.0.8; +1 more | 2023-02-22
Nextcloud server is a self hosted home cloud product. In affected versions the `OC\Files\Node\Folder::getFullPath()` function was validating and normalizing the string in the wrong order. The function is used in the `newFile()` and `newFolder()` items, which may allow the creation of paths outside of one's own space and overwriting data from other users
Source: nvd

CVE-2024-52525 | P3 | HIGH | CVSS 7.5 | CWE-312 | >= 28.0.0, < 28.0.12; >= 29.0.0, < 29.0.9; +1 more | 2024-11-15
Nextcloud Server is a self hosted personal cloud system. Under certain conditions the password of a user was stored unencrypted in the session data. The session data is encrypted before being saved in the session storage (Redis or disk), but it would allow a malicious process that gains access to the memory of the PHP process, to get access to the clea
Source: nvd

CVE-2026-45722 | P3 | HIGH | CVSS 7.1 | CWE-89 | >= 0.9.0, < 0.9.7; >= 1.0.0, < 1.0.2 | 2026-06-01
Nextcloud is an open source content collaboration platform. From versions 0.9.0 to before 0.9.7, and 1.0.0 to before 1.0.2, a missing sanitization in the Tables app allowed a user with access to the tables app to perform a limited SQL injection in the ORDER BY statement of a query. Compared to normal SQL injections, the ORDER BY is limited to extractin
Source: nvd

CVE-2026-45279 | P3 | MEDIUM | CVSS 6.5 | CWE-22 | >= 31.0.0, < 31.0.14; >= 32.0.0, < 32.0.4 | 2026-06-01
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31.0.0 to before 31.0.14, and 32.0.0 to before 32.0.4, if {lang} is used in the template directory config value, non-admin users can in some cases copy arbitrary files (depending on unix permissions) into their own Nextcloud directory via a path traversal. I
Source: nvd

CVE-2026-45275 | P3 | MEDIUM | CVSS 6.5 | CWE-285 | fixed in 2.7.2 | 2026-06-01
Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, a privilege escalation vulnerability exists in the Approval app that allows a user without sharing permissions to force the system to share a file with approvers. This results in an authorization bypass and privilege escalation, allowing unauthorized distribution of
Source: nvd

CVE-2023-22472 | P3 | HIGH | CVSS 8.8 | CWE-352 | ≤ 3.6.1 | 2023-01-09
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. It is possible to make a user send any POST request with an arbitrary body given they click on a malicious deep link on a Windows computer. (e.g. in an email, chat link, etc). There are currently no known workarounds. It is
Source: nvd

CVE-2023-25820 | P3 | HIGH | CVSS 7.8 | CWE-307 | Nextcloud Server >= 24.0.0, < 24.0.10; Nextcloud Server >= 25.0.0, < 25.0.4; +5 more | 2023-03-22
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Enterprise Server is the enterprise version of the file server software. In Nextcloud Server versions 25.0.x prior to 25.0.5 and versions 24.0.x prior to 24.0.10 as well as Nextcloud Enterprise Server versions 25.0.x prior to 25.0.4, 24.0.x p
Source: nvd

CVE-2022-36074 | P3 | HIGH | CVSS 7.5 | CWE-200 | fixed in 23.0.7; >= 24.0.0, < 24.0.3 | 2022-09-15
Nextcloud server is an open source personal cloud product. Affected versions of this package are vulnerable to Information Exposure which fails to strip the Authorization header on HTTP downgrade. This can lead to account access exposure and compromise. It is recommended that the Nextcloud Server is upgraded to 23.0.7 or 24.0.3. It is recommended that
Source: nvd

CVE-2024-37313 | P3 | HIGH | CVSS 7.5 | CWE-287 | >= 26.0.0, < 26.0.13; >= 27.0.0, < 27.1.8; +1 more | 2024-06-14
Nextcloud server is a self hosted personal cloud system. Under some circumstance it was possible to bypass the second factor of 2FA after successfully providing the user credentials. It is recommended that the Nextcloud Server is upgraded to 26.0.13, 27.1.8 or 28.0.4 and Nextcloud Enterprise Server is upgraded to 21.0.9.17, 22.2.10.22, 23.0.12.17, 24.0
Source: nvd

CVE-2024-52508 | P3 | HIGH | CVSS 8.1 | CWE-200 | >= 1.9.0, < 1.14.6; >= 2.1.0, < 2.2.11; +3 more | 2024-11-15
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like [email protected] that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would be sent to the server of the attacker. It is recommended
Source: nvd

CVE-2021-32727 | P3 | HIGH | CVSS 7.5 | CWE-295 | fixed in 3.16.1 | 2021-07-12
Nextcloud Android Client is the Android client for Nextcloud. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.16.1, the Nextcloud Android client skipped a step that involved the client checking if a private key belonged to a previously downloaded public certifica
Source: nvd

CVE-2026-45285 | P3 | MEDIUM | CVSS 6.4 | CWE-862 | >= 32.0.0, < 32.0.9; >= 33.0.0, < 33.0.3 | 2026-06-01
Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes an external member (a person added via email address who does not have a Nextcloud account), the system automatically creates a public link for that ex
Source: nvd

CVE-2024-52510 | P3 | HIGH | CVSS 7.5 | CWE-295 | >= 3.0.0, < 3.14.2 | 2024-11-15
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed bypassing the signature validation if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Desktop client is upgraded to 3.14.2 or later.
Source: nvd

CVE-2026-45282 | P3 | MEDIUM | CVSS 6.5 | CWE-284 | >= 32.0.0, < 32.0.9; >= 33.0.0, < 33.0.3 | 2026-06-01
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authenticated attacker can access attachments of link shares when knowing the share token, circumventing password protection or download restrictions. It is applicable to any file that is shared direc
Source: nvd

CVE-2026-45267 | P3 | MEDIUM | CVSS 6.5 | CWE-200 | fixed in 5.2.6 | 2026-06-01
Nextcloud is an open source content collaboration platform. Prior to version 5.2.6, a missing permissions check allowed users to request reading form submissions of other users. This issue has been patched in version 5.2.6.
Source: nvd

CVE-2026-45690 | P3 | MEDIUM | CVSS 5.9 | CWE-287 | >= 32.0.0, < 32.0.9; >= 33.0.0, < 33.0.3 | 2026-06-01
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authentication bypass vulnerability allowed attackers with knowledge of a user's password to circumvent two-factor authentication (2FA) protections. When a user initiated login with valid credentials
Source: nvd

CVE-2021-41178 | P3 | MEDIUM | CVSS 6.5 | CWE-23 | 20.0.13; >= 21.0.0, < 21.0.5; +1 more | 2021-10-25
Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, a file traversal vulnerability makes an attacker able to download arbitrary SVG images from the host system, including user provided files. This could also be leveraged into a XSS/phishing attack, an attacker could upload a malicious SVG fil
Source: nvd

CVE-2024-52523 | P3 | MEDIUM | CVSS 6.5 | CWE-200 | >= 28.0.0, < 28.0.12; >= 29.0.0, < 29.0.9; +1 more | 2024-11-15
Nextcloud Server is a self hosted personal cloud system. After setting up a user or administrator defined external storage with fixed credentials, the API returns them and adds them into the frontend again, allowing them to be read in plain text when an attacker already has access to an active session of a user. It is recommended that the Nextcloud Ser
Source: nvd

CVE-2022-41882 | P3 | HIGH | CVSS 7.8 | CWE-94 | = 3.6.0 | 2022-11-11
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. In version 3.6.0, if a user received a malicious file share and has it synced locally or the virtual filesystem enabled and clicked a nc://open/ link it will open the default editor for the file type of the shared file, which on Windows can also someti
Source: nvd