CVE-2026-45285

Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes an external member a person added via email address who does not have a Nextcloud account, the...

CVE-2026-45810 Nextcloud: Propfind requests for file comments allowed to load comments for other files

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31.0.0 to before 31.0.12, and 32.0.0 to before 32.0.3, a missing check of a relation allowed authenticated users with access to any file comment, to read the content of all comments. It is recommended th...

CVE-2026-45690

Nextcloud Server versions 32.0.0–32.0.9 and 33.0.0–33.0.3 expose an authentication bypass where, after valid credentials are entered on a 2FA-enabled account, a temporary session token is created before the second factor is enforced. The token can be extracted and replayed via HTTP Basic Authenti...

EUVD-2026-33715

Nextcloud is an open source content collaboration platform. From versions 0.7.0 to before 0.7.7, 0.8.0 to before 0.8.10, 0.9.0 to before 0.9.8, and 1.0.0 to before 1.0.4, an authenticated attacker with access to the Tables app may be able to execute arbitrary up to 20 bytes long SQL queries,...

PT-2026-45526

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authenticated attacker can access attachments of link shares when knowing the share token, circumventing password protection or download...

ROS-20260524-73-0046

Vulnerability in nextcloud related to authorization bypass through the use of a user-controlled key. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

ROS-20260524-73-0054

Vulnerability in nextcloud related to the use of dangerous methods or features. Exploitation of the vulnerability could allow an attacker to directly access the memory of a computing device to which thunderbolt-enabled devices are connected...

Fedora 44 : nextcloud (2026-cb5661d883)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-cb5661d883 advisory. 33.0.3 Release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

ROS-20260129-73-0046

Vulnerability in nextcloud related to flaws in access to personal information. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

ROS-20260129-73-0045

Vulnerability in nextcloud related to bugs in security settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

EUVD-2017-1241

Malware in sbrugna...

EUVD-2017-1247

Malware in sbrugna...

EUVD-2017-18222

Malware in sbrugna...

EUVD-2016-10271

Malware in sbrugna...

EUVD-2016-10266

Malware in sbrugna...

EUVD-2016-10274

Malware in sbrugna...

EUVD-2016-10273

Malware in sbrugna...

EUVD-2016-10268

Malware in sbrugna...

EUVD-2016-10272

Malware in sbrugna...

EUVD-2023-43650

Malicious code in bioql PyPI...