Where
-Infinity
0

Trending

Last week
Last month
Last year

Nextcloud NextCloud ServerNextcloud Server vulnerable to insecure temporary file creation, race with write access and permission

Risk 16
Severity
4.3
EPSS
0.02%
First published (updated )
CVE-2025-47794

Nextcloud NextCloud ServerNextcloud Server and Groupfolders app vulnerable to bypass of group folder quota limit using attachment in text file

Risk 27
Severity
6.5
EPSS
0.02%
First published (updated )
CVE-2025-47793

Nextcloud NextCloud ServerNextcloud Server's test remote endpoint is not rate limited

Risk 19
Severity
5.3
EPSS
0.03%
First published (updated )
CVE-2025-47791

Nextcloud NextCloud ServerNextcloud Server's Attachments folder for Text app is accessible on "Files drop" and "Password protected" shares

Risk 22
Severity
4.3
First published (updated )
CVE-2024-52513

Nextcloud NextCloud ServerNextcloud Server allows users to copy folder that contain files that are blocked by the files access control

Risk 21
Severity
4.1
First published (updated )
CVE-2024-52514
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Nextcloud NextCloud ServerNextcloud Server has incomplete sanitization of SVG files allows to embed other images into previews

Risk 38
Severity
6.5
First published (updated )
CVE-2024-52515

Nextcloud ServerNextcloud Server's shares are not removed when user is limited to share with in their groups and being removed from one of them

Risk 22
Severity
4.3
First published (updated )
CVE-2024-52516

Nextcloud ServerNextcloud Server's global credentials of external storages are sent back to the frontend

Risk 35
Severity
5.9
First published (updated )
CVE-2024-52517

Nextcloud ServerNextcloud Server is missing password confirmation when changing external storage options

Risk 34
Severity
5.4
First published (updated )
CVE-2024-52518

Nextcloud ServerNextcloud Server's OAuth2 client secrets were stored in a recoverable way

Risk 54
Severity
8.2
First published (updated )
CVE-2024-52519
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Nextcloud NextCloud ServerNextcloud Server's link reference provider can be tricked into downloading bigger files than intended

Risk 37
Severity
6.5
First published (updated )
CVE-2024-52520

Nextcloud ServerNextcloud Server has a potential hash collision for background jobs could skip queuing them

Risk 27
Severity
5.3
First published (updated )
CVE-2024-52521

Nextcloud NextCloud ServerNextcloud Server Custom defined credentials of external storages are sent back to the frontend

Risk 38
Severity
6.5
First published (updated )
CVE-2024-52523

Nextcloud ServerNextcloud Server User password is available in memory of the PHP process

Risk 43
Severity
7.5
First published (updated )
CVE-2024-52525

Nextcloud ServerNextcloud Server's users can delete old versions of read-only shared files

Risk 34
Severity
5.4
First published (updated )
CVE-2024-37884
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Nextcloud ServerNextcloud Server can reshare read&share only folder with more permissions

Risk 60
Severity
8.1
First published (updated )
CVE-2024-37882

Nextcloud ServerNextcloud Server's read-only users can restore old versions

Risk 22
Severity
4.3
First published (updated )
CVE-2024-37315

Nextcloud ServerNextcloud Photos' shared albums have no restriction on photo removal

Risk 19
Severity
3.5
First published (updated )
CVE-2024-37314

Nextcloud NextCloud ServerNextcloud server allows the by-pass the second factor

Risk 43
Severity
7.5
First published (updated )
CVE-2024-37313

Nextcloud ServerOAuth2 authorization codes are valid indefinetly in Nextcloud server

Risk 15
Severity
3.7
EPSS
0.05%
First published (updated )
CVE-2024-22403
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Nextcloud ServerBruteforce protection can be bypassed with misconfigured proxy

Risk 86
Severity
9.8
First published (updated )
CVE-2023-49792

Nextcloud ServerWorkflows do not require password confirmation on API level

Risk 34
Severity
5.4
First published (updated )
CVE-2023-49791

Nextcloud ServerNextcloud Server DNS pin middleware can be tricked into DNS rebinding allowing SSRF

Risk 86
Severity
9.8
First published (updated )
CVE-2023-48306

Nextcloud ServerNextcloud Server user_ldap app logs user passwords in the log file on level debug

Risk 26
Severity
4.4
First published (updated )
CVE-2023-48305

Nextcloud ServerNextcloud Server vulnerable to attacker enabling/disabling birthday calendar for any user

Risk 22
Severity
4.3
First published (updated )
CVE-2023-48304
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Nextcloud ServerNextcloud Server admins can change authentication details of user configured external storage

Risk 16
Severity
2.7
First published (updated )
CVE-2023-48303

Nextcloud ServerNextcloud Server vulnerable to Self XSS when pasting HTML into Text app with Ctrl+Shift+V

Risk 34
Severity
5.4
First published (updated )
CVE-2023-48302

Nextcloud ServerNextcloud Server HTML injection in search UI when selecting a circle with HTML in the display name

Risk 34
Severity
5.4
First published (updated )
CVE-2023-48301

Nextcloud ServerNextcloud Server users can make external storage mount points inaccessible for other users

Risk 55
Severity
8.5
First published (updated )
CVE-2023-48239

Nextcloud ServerRate limiter not working reliable when Memcached is installed in Nextcloud

Risk 22
Severity
4.3
First published (updated )
CVE-2023-45148
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203