Vulnerabilidades em Nextcloud
288 resultadosCVE-2026-45278LOWNextcloud: Open Redirect in user_oidc login flow via protocol-relative URL bypassEPSS 0.2%CVE-2025-66553MEDIUMNextcloud Tables app allowed users to view columns metadata information of any tableEPSS 0.2%CVE-2026-45157MEDIUMNextcloud: Valid share tokens allow to access tempory upload files of share ownerEPSS 0.2%CVE-2021-32801MEDIUMExceptions may have logged Encryption-at-Rest key content in Nextcloud serverEPSS 0.2%CVE-2025-66545LOWNextcloud Groupfolders users with read-only permissions for team folder can restore deleted files from trash binEPSS 0.2%CVE-2026-45264MEDIUMNextcloud: ACL Rename Permission Bypass in Team Folders Allows Unauthorized File RenamesEPSS 0.2%CVE-2023-28646MEDIUMApp lockout in nextcloud Android app can be bypassed via thirdparty appsEPSS 0.2%CVE-2025-66558LOWNextcloud Twofactor WebAuthn app was updated based on public keyEPSS 0.2%CVE-2026-45544MEDIUMNextcloud: Information Disclosure of view filter metdata via Broken Sensitive Data Masking in ViewServiceEPSS 0.2%CVE-2026-45283MEDIUMNextcloud: Files Lock app allows users to lock and unlock files of other usersEPSS 0.2%CVE-2023-32318HIGHUser session not correctly destroyed on logoutEPSS 0.2%CVE-2025-66551MEDIUMNextcloud Tables is missing an ownership check which allows moving columns into tables of other usersEPSS 0.2%CVE-2025-66556LOWNextcloud talk allows participants to blindly delete poll drafts of other users by IDEPSS 0.2%CVE-2025-66514LOWNextcloud Mail stored HTML injection in subject textEPSS 0.2%CVE-2023-22472MEDIUMNextcloud Deck Desktop Client is vulnerable to Cross-Site Request Forgery (CSRF) via malicious linkEPSS 0.2%CVE-2025-66554LOWNextcloud Contacts vulnerable to Stored XSS in contacts app via organisation and title fieldEPSS 0.2%CVE-2026-45266LOWNextcloud: Unauthorized force-mute from missing permission check when using internal signalingEPSS 0.2%CVE-2026-45159LOWNextcloud: Files drop share links for end-to-end encrypted folders allowed to drop files into other folders of the share ownerEPSS 0.2%CVE-2026-45155LOWNextcloud: Private circle can be added to another circle via APIEPSS 0.2%CVE-2022-39334LOWnextcloudcmd incorrectly trusts bad TLS certificatesEPSS 0.2%