CVE-2026-45154

Nextcloud Collectives vulnerability: from version 2.6.0 through before 4.3.0, if a collective page was deleted and the collective was shared view‑only, guests with access could directly retrieve the deleted pages from the trashbin. Root cause: improper access control. A fix is available in versio...

Nextcloud Collectives 访问控制错误漏洞

NextCloud Collectives is an open-source collaboration and knowledge management tool developed by NextCloud. In versions 2.6.0 to 4.3.0 of NextCloud Collectives, there was a security vulnerability related to access control. This vulnerability stemmed from a lack of permission checks, which could...