1086 matches found
CVE-2026-45155 Nextcloud: Private circle can be added to another circle via API
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add unknown circles by their ID directly to other circles. Since circle IDs have 62^15 complexity by...
PT-2026-45473
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a malicious user has access to a file share of a user, they could use this share token to also access the chunking upload directly and see...
Nextcloud Server 访问控制错误漏洞
NextCloud Server is an open-source NextCloud server program. Versions of NextCloud Server from 32.0.0 to 32.0.9 and from 33.0.0 to 33.0.3 had a access control vulnerability due to improper sharing token access controls. This vulnerability could allow malicious users to access temporarily uploaded...
PT-2026-45538
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31.0.0 to before 31.0.12, and 32.0.0 to before 32.0.3, a missing check of a relation allowed authenticated users with access to any file comment, to read the content of all comments. It is recommended th...
Nextcloud Server 授权问题漏洞
NextCloud Server is an open-source NextCloud server program developed by NextCloud. Versions of NextCloud Server from 32.0.0 to 32.0.9 and from 33.0.0 to 33.0.3 contained vulnerabilities related to authorization. These vulnerabilities stemmed from the possibility that the session cookie, which...
Nextcloud Server 授权问题漏洞
NextCloud Server is an open-source NextCloud server program. Versions of NextCloud Server from 32.0.0 to 32.0.9 and from 33.0.0 to 33.0.3 had authorization-related vulnerabilities. These vulnerabilities stemmed from authentication bypasses, allowing attackers who know the user’s password to...
Nextcloud Server 路径遍历漏洞
NextCloud Server is an open-source NextCloud server program developed by NextCloud. Versions of NextCloud Server from 31.0.0 to 31.0.14 and from 32.0.0 to 32.0.4 contained a path traversal vulnerability. This vulnerability occurred when the lang parameter was used in template directory...
PT-2026-45525
Name of the Vulnerable Software and Affected Versions Nextcloud Server versions 32.0.0 through 32.0.8 Nextcloud Server versions 33.0.0 through 33.0.2 Nextcloud Enterprise Server versions prior to 33.0.3 Nextcloud Enterprise Server versions prior to 32.0.9 Nextcloud Enterprise Server versions prio...
GHSA-3QPQ-R242-JQJ7 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-44167 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-44167 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-3QPQ-R242-JQJ7 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-40194 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-R854-JRXH-36QX vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-94G3-G5V7-Q4JG vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-27QH-8CXX-2CR5 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-32935 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-R854-JRXH-36QX vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-40194 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-27QH-8CXX-2CR5 vulnerabilities
Vulnerabilities for packages: nextcloud-server...