Vulnerabilidades em nextcloud
288 resultadosCVE-2026-45281HIGHNextcloud: Cross-Account Calendar Takeover via Unauthorized Group-Member-Set UpdateEPSS 0.3%CVE-2026-45286MEDIUMNextcloud: Calendar app leaked user identifiers via attendee suggestion endpointEPSS 0.3%CVE-2023-28647MEDIUMApp pin of the iOS app can be bypassed in Nextcloud iOSEPSS 0.3%CVE-2025-66550MEDIUMNextcloud Calendar attachments of local files are offered to downloadedEPSS 0.3%CVE-2026-45543MEDIUMNextcloud: Deleting a Forms collaborator share leaves uploaded response files accessible through a lingering Files shareEPSS 0.3%CVE-2022-41926LOWNextcloud Talk Android broadcast incorrect permission handlingEPSS 0.3%CVE-2025-66552MEDIUMNextcloud Server admin_audit does not log all actions on files in groupfoldersEPSS 0.3%CVE-2025-66515LOWNextcloud Approval app allows users to request approval for other users fileEPSS 0.3%CVE-2026-45810MEDIUMNextcloud: Propfind requests for file comments allowed to load comments for other filesEPSS 0.3%CVE-2025-66511MEDIUMNextcloud Calendar app used predictable proposal participant tokensEPSS 0.2%CVE-2023-48305MEDIUMNextcloud Server user_ldap app logs user passwords in the log file on level debugEPSS 0.2%CVE-2025-59788MEDIUMCross-site scripting (XSS) vulnerability in a reachable files_pdfviewer example directory in Nextcloud with versions before 22.2.10.33, 23.0EPSS 0.2%CVE-2025-66549LOWNextcloud Desktop discloses information when attempting to lock a file inside a end-to-end encrypted directoryEPSS 0.2%CVE-2023-39963HIGHMissing password confirmation when creating app passwordsEPSS 0.2%CVE-2025-66513MEDIUMNextcloud Tables app share information not limited to relevant usersEPSS 0.2%CVE-2024-37886MEDIUMNextcloud user_oidc's ID4me does not validate signature or expirationEPSS 0.2%CVE-2025-66547MEDIUMNextcloud Server users can modify tags on files that do not belong to themEPSS 0.2%CVE-2023-25820MEDIUMNextcloud Server and Enterprise Server missing brute force protection on password confirmation modalEPSS 0.2%CVE-2025-66512MEDIUMNextcloud Server vulnerable to XSS in SVG images when opened outside of NextcloudEPSS 0.2%CVE-2025-66557MEDIUMNextcloud Deck app allowed user with "Can share" permission to modify permissions of other non-ownersEPSS 0.2%