CVE-2026-45545
SQL Injection in Nextcloud Tables App
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nextcloud | tables | From 0.7.0 (inc) |
| nextcloud | tables | From 0.8.0 (inc) |
| nextcloud | tables | From 0.9.0 (inc) |
| nextcloud | tables | From 1.0.0 (inc) |
| nextcloud | tables | to 0.7.7 (exc) |
| nextcloud | tables | to 0.8.10 (exc) |
| nextcloud | tables | to 0.9.8 (exc) |
| nextcloud | tables | to 1.0.4 (exc) |
| nextcloud | tables | 0.7.0 |
| nextcloud | tables | 0.8.0 |
| nextcloud | tables | 0.9.0 |
| nextcloud | tables | 1.0.0 |
| nextcloud | nextcloud | From 0.7.0 (inc) to 0.7.7 (exc) |
| nextcloud | nextcloud | From 0.8.0 (inc) to 0.8.10 (exc) |
| nextcloud | nextcloud | From 0.9.0 (inc) to 0.9.8 (exc) |
| nextcloud | nextcloud | From 1.0.0 (inc) to 1.0.4 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-45545 is a SQL injection vulnerability in the Nextcloud Tables app that affects versions from 0.7.0 up to but not including 0.7.7, 0.8.0 up to but not including 0.8.10, 0.9.0 up to but not including 0.9.8, and 1.0.0 up to but not including 1.0.4.
An authenticated attacker with access to the Tables app can execute arbitrary SQL queries up to 20 bytes in length through a stored injection. With carefully crafted input, the attacker can bypass this length limitation.
This allows the attacker to extract information from the database or modify data, potentially compromising the confidentiality and integrity of the system.
The vulnerability has been patched in versions 0.7.7, 0.8.10, 0.9.8, 1.0.4, and 2.0.0.
How can this vulnerability impact me? :
This vulnerability can have serious impacts including unauthorized extraction and modification of database information.
An attacker with low privileges and no user interaction required can exploit this vulnerability remotely over the network.
The impact includes compromise of data confidentiality and integrity, potentially leading to data breaches or unauthorized data manipulation.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability affects Nextcloud versions 0.7.0 to before 0.7.7, 0.8.0 to before 0.8.10, 0.9.0 to before 0.9.8, and 1.0.0 to before 1.0.4, specifically the Tables app. Detection involves verifying if your Nextcloud instance is running one of these vulnerable versions with the Tables app enabled.
Since the vulnerability requires authenticated access to the Tables app and involves SQL injection, monitoring for unusual or unauthorized SQL queries or database activity related to the Tables app could help detect exploitation attempts.
No specific detection commands are provided in the available resources. However, you can check the installed Nextcloud version and the presence of the Tables app with commands like:
- Check Nextcloud version: `occ status` or `occ version`
- List installed apps: `occ app:list` and verify if the Tables app is enabled
Additionally, reviewing database logs for suspicious SQL queries or using network monitoring tools to detect unusual traffic patterns related to the Tables app might help, but no explicit commands are provided.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation is to upgrade Nextcloud to a patched version where this vulnerability is fixed. The patched versions are 0.7.7, 0.8.10, 0.9.8, 1.0.4, and 2.0.0 or later.
If immediate upgrading is not possible, a recommended workaround is to disable the Tables app to prevent exploitation.
Since the vulnerability requires authenticated access, reviewing and restricting user permissions to the Tables app can also reduce risk.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows an authenticated attacker to execute arbitrary SQL queries, potentially extracting or modifying sensitive data stored in the Nextcloud Tables app database.
Such unauthorized access and modification of data can lead to breaches of confidentiality and integrity, which are critical requirements under common standards and regulations like GDPR and HIPAA.
Therefore, if exploited, this vulnerability could result in non-compliance with these regulations due to unauthorized data exposure or alteration.