|
4141
|
10.0 |
CRITICAL
Network
|
-
|
-
|
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow (generate-schema.yaml) exposes sensitive credentials (Personal Access Token and…
|
CWE-94
Code Injection
|
CVE-2026-45132
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4142
|
4.6 |
MEDIUM
Physics
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From version 33.0.0 to before version 33.1.0, after unlocking a locked Android phone the back-button could be used to bypass the Nextcloud …
|
CWE-287
Improper Authentication
|
CVE-2026-45153
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4143
|
2.6 |
LOW
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From version 2.6.0 to before version 4.3.0, when a previous collective pages was deleted and the collective was shared view-only, guests wi…
|
CWE-284
Improper Access Control
|
CVE-2026-45154
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4144
|
2.6 |
LOW
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add u…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-45155
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4145
|
8.1 |
HIGH
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 0.3.0 to before 3.1.0, 5.0.0 to before 5.1.0, and 6.0.0 to before 6.4.0, a missing signature verification in User OIDC allowe…
|
CWE-287
Improper Authentication
|
CVE-2026-45156
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4146
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a malicious user has access to a file share of…
|
CWE-284
Improper Access Control
|
CVE-2026-45157
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4147
|
3.5 |
LOW
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 1.15.0 to before 1.15.4, 1.16.0 to before 1.16.3, 1.17.0 to before 1.17.1, and 1.18.0 to before 1.18.1, a malicious user with…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-45159
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4148
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 17.0.0 to before 17.0.15, 18.0.0 to before 18.1.12, 19.0.0 to before 19.1.16, 20.0.0 to before 20.1.11, and 21.0.0 to before …
|
CWE-284
Improper Access Control
|
CVE-2026-45264
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4149
|
3.5 |
LOW
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. Prior to versions 21.1.10, 22.0.11, and 23.0.3, a low-privileged user can force other user's microphones to be muted in calls when no High-…
|
CWE-284
Improper Access Control
|
CVE-2026-45266
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4150
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. Prior to version 5.2.6, a missing permissions check allowed users to request reading form submissions of other users. This issue has been p…
|
CWE-200
CWE-862
Information Exposure
Missing Authorization
|
CVE-2026-45267
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
