|
3711
|
2.6 |
LOW
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From version 2.6.0 to before version 4.3.0, when a previous collective pages was deleted and the collective was shared view-only, guests wi…
|
CWE-284
Improper Access Control
|
CVE-2026-45154
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3712
|
2.6 |
LOW
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add u…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-45155
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3713
|
8.1 |
HIGH
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 0.3.0 to before 3.1.0, 5.0.0 to before 5.1.0, and 6.0.0 to before 6.4.0, a missing signature verification in User OIDC allowe…
|
CWE-287
Improper Authentication
|
CVE-2026-45156
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3714
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a malicious user has access to a file share of…
|
CWE-284
Improper Access Control
|
CVE-2026-45157
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3715
|
3.5 |
LOW
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 1.15.0 to before 1.15.4, 1.16.0 to before 1.16.3, 1.17.0 to before 1.17.1, and 1.18.0 to before 1.18.1, a malicious user with…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-45159
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3716
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 17.0.0 to before 17.0.15, 18.0.0 to before 18.1.12, 19.0.0 to before 19.1.16, 20.0.0 to before 20.1.11, and 21.0.0 to before …
|
CWE-284
Improper Access Control
|
CVE-2026-45264
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3717
|
3.5 |
LOW
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. Prior to versions 21.1.10, 22.0.11, and 23.0.3, a low-privileged user can force other user's microphones to be muted in calls when no High-…
|
CWE-284
Improper Access Control
|
CVE-2026-45266
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3718
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. Prior to version 5.2.6, a missing permissions check allowed users to request reading form submissions of other users. This issue has been p…
|
CWE-200
CWE-862
Information Exposure
Missing Authorization
|
CVE-2026-45267
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3719
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Inappropriate implementation in ANGLE in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security …
|
CWE-269
Improper Privilege Management
|
CVE-2026-9999
|
2026-06-2 03:14 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3720
|
7.8 |
HIGH
Local
|
-
|
-
|
Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of …
|
CWE-77
Command Injection
|
CVE-2026-38945
|
2026-06-2 03:12 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
