Nextcloud Security Vulnerabilities (CVEs)

Nextcloud Server 30.0.0 contains an Insecure Direct Object Reference (IDOR) vulnerability in the /core/preview endpoint. Authenticated users can acces...

A vulnerability in Nextcloud's Twofactor WebAuthn plugin allows attackers to remove a user's WebAuthn 2FA device by correctly guessing a long random s...

Nextcloud Desktop client versions before 3.16.5 send file paths unencrypted to the server when manually locking files in end-to-end encrypted director...

This vulnerability in Nextcloud Tables allows authenticated malicious users to move columns they created into other users' tables without authorizatio...

CVE-2025-66553 is an authorization bypass vulnerability in Nextcloud Tables where authenticated users can view metadata of columns in other tables by ...

This vulnerability allows authenticated malicious users to inject CSS files by modifying their organization and title fields in the Nextcloud Contacts...

This vulnerability in Nextcloud Talk allows participants with chat permissions to delete poll drafts created by other participants within the same con...

This vulnerability in Nextcloud Deck allows users with 'Can share' permission to modify permissions of other recipients, potentially escalating privil...

Nextcloud Tables had an authorization bypass vulnerability where unprivileged users could view which tables were shared with which groups/users and th...

This vulnerability allows authenticated Nextcloud Mail users to inject HTML into email subject lines displayed in the message list. While JavaScript e...

This vulnerability in Nextcloud Approval app allows authenticated users listed as requesters in workflows to mark other users' files as 'pending appro...

This vulnerability in Nextcloud Groupfolders allows users with read-only permissions to restore files from the trash bin, bypassing intended access co...

This vulnerability in Nextcloud Deck allows attackers to spoof file extensions using Right-to-Left Override (RTLO) characters, tricking users into dow...

This vulnerability in Nextcloud Calendar allows attackers to blindly book appointments using sequential IDs without needing the appointment token. It ...

This vulnerability allows non-privileged Nextcloud users to modify tags on files they shouldn't have access to through bulk tagging operations. It aff...

This vulnerability in Nextcloud Calendar allows a malicious user to create calendar events with crafted attachments that automatically download files ...

This vulnerability in Nextcloud Server causes the admin_audit app to fail to log actions on files and folders within groupfolders due to incorrect pat...

This vulnerability in Nextcloud Server allows authenticated users to retrieve personal data (emails, names, identifiers) of other users through the co...

Nextcloud Calendar versions before 6.0.3 generate participant tokens for meeting proposals using a predictable hash function instead of cryptographica...

This vulnerability allows malicious users to bypass Nextcloud's Content Security Policy (CSP) by tricking users into viewing specially crafted SVG fil...

This Nextcloud vulnerability allows users who receive shared folders containing blocked files to copy the intermediate folder structure, potentially b...

This vulnerability in Nextcloud Mail allows email account setup details to be sent to attacker-controlled servers when auto-configuration fails. Attac...

The Nextcloud Desktop Client vulnerability allows attackers to bypass signature validation when a manipulated server sends an empty initial signature....

This vulnerability in Nextcloud Server allows attackers to trick the link reference provider into downloading larger websites than intended when proce...

This vulnerability in Nextcloud Server exposes fixed credentials for external storage configurations through the API and frontend. An attacker with an...

This vulnerability in Nextcloud Server exposes global credentials in plain text through the API response when an attacker has access to an active user...

This vulnerability in Nextcloud Server allows a malicious user to upload a manipulated SVG file that references other file paths. If the referenced fi...

This vulnerability in Nextcloud Deck allows users with access to a deck board to view comments and attachments from deleted cards, bypassing intended ...

CVE-2024-37886 is a signature verification bypass vulnerability in Nextcloud's user_oidc app that allows attackers to potentially forge OpenID Connect...

Authenticated users in Nextcloud Calendar can create events with manipulated attachment data that causes bad redirects for participants when clicked. ...

This vulnerability allows attackers to bypass two-factor authentication (2FA) in Nextcloud Server after successfully obtaining valid user credentials....

This vulnerability in Nextcloud Server allows a malicious user to update any personal or global external storage configuration, making those storage l...

This vulnerability in Nextcloud Server allows a malicious authenticated user to delete any personal or global external storage configuration, making t...

This vulnerability allows attackers to brute-force password reset links in NextCloud Server and NextCloud Enterprise Server, potentially enabling unau...

This vulnerability allows a malicious Nextcloud server to modify or delete VCards in the system addressbook on a trusted partner server. It affects Ne...

This vulnerability in Nextcloud Server allows attackers to bypass rate limiting protections by sending parallel requests, enabling brute-force attacks...

This vulnerability allows attackers to brute-force user credentials on Nextcloud servers via WebDAV endpoints when basic authentication is used and th...

This CVE describes a command injection vulnerability in NextCloud Cookbook's GitHub Actions workflow. Attackers with write access to the repository ca...

This CVE describes a session handling vulnerability in Nextcloud Server where logout doesn't properly destroy sessions if cookies aren't manually clea...

This vulnerability in the Nextcloud Android app allows malicious apps on the same Android device to bypass permission controls and access Nextcloud us...

CVE-2021-39225 is an authorization bypass vulnerability in Nextcloud Deck that allows authenticated users to access other users' Deck cards without pr...

Nextcloud versions prior to 20.0.13, 21.0.5, and 22.2.0 contain a file traversal vulnerability that allows attackers to download arbitrary SVG files f...

This vulnerability in Nextcloud Richdocuments allows attackers to bypass 'Upload Only' file drop restrictions and read arbitrary files from public lin...

This vulnerability in Nextcloud Server allows account takeover when usernames are reused. When a user account is deleted, their WebAuthn authenticatio...

This vulnerability in Nextcloud Talk allows user impersonation through username reuse, enabling unauthorized access to chat messages. Attackers who ca...