CVE-2026-45157
Information Disclosure in Nextcloud Server
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nextcloud | enterprise_server | From 26.0.0 (inc) to 33.0.3 (exc) |
| nextcloud | server | 32.0.9 |
| nextcloud | server | 33.0.3 |
| nextcloud | server | From 32.0.0 (inc) to 32.0.9 (exc) |
| nextcloud | server | From 33.0.0 (inc) to 33.0.3 (exc) |
| nextcloud | enterprise_server | 26.0.13.26 |
| nextcloud | enterprise_server | 27.1.11.25 |
| nextcloud | enterprise_server | 28.0.14.17 |
| nextcloud | enterprise_server | 29.0.16.16 |
| nextcloud | enterprise_server | 30.0.17.9 |
| nextcloud | enterprise_server | 31.0.14.5 |
| nextcloud | enterprise_server | From 32.0.9 (inc) to 33.0.3 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Nextcloud Server versions 32.0.0 to before 32.0.9 and 33.0.0 to before 33.0.3, as well as certain Nextcloud Enterprise Server versions. When a malicious user has access to a file share of another user, they can misuse the share token to access temporary part files used during ongoing uploads. This happens because of improper access control, allowing unauthorized viewing of these temporary upload files.
The vulnerability requires low privileges and user interaction but can lead to a high impact on confidentiality since sensitive temporary files can be exposed.
How can this vulnerability impact me?
If exploited, this vulnerability allows an attacker with access to a shared file to view temporary upload files that they should not normally see. This can lead to unauthorized disclosure of sensitive data during file uploads.
The impact is primarily on confidentiality, as the attacker can access parts of files being uploaded temporarily. The integrity and availability of the system are less affected.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There are no specific detection commands or methods provided to identify this vulnerability on your network or system.
The vulnerability involves unauthorized access to temporary upload files via valid share tokens in affected Nextcloud versions, which requires having access to a file share.
What immediate steps should I take to mitigate this vulnerability?
The recommended immediate step to mitigate this vulnerability is to upgrade your Nextcloud Server or Enterprise Server to a patched version.
- Upgrade Nextcloud Server to version 32.0.9 or 33.0.3 or later.
- Upgrade Nextcloud Enterprise Server to one of the patched versions: 26.0.13.26, 27.1.11.25, 28.0.14.17, 29.0.16.16, 30.0.17.9, 31.0.14.5, 32.0.9, or 33.0.3.
No workarounds are provided, so applying the official patches is the primary mitigation.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows unauthorized access to temporary upload files of the share owner by a malicious user who has access to a shared file. Such unauthorized access to confidential data can lead to breaches of data privacy and confidentiality requirements.
Since regulations like GDPR and HIPAA mandate strict controls over personal and sensitive data to prevent unauthorized access and data leaks, this vulnerability could negatively impact compliance by exposing sensitive information during ongoing uploads.
Organizations using affected versions of Nextcloud Server or Enterprise Server should upgrade to patched versions to mitigate this risk and maintain compliance with these standards.