CVE-2026-45722
Status: Analyzed (Analysis Complete)
SQL Injection in Nextcloud Tables App

Publication date: 2026-06-01

Last updated on: 2026-06-04

Assigner: GitHub, Inc.

Description
Nextcloud is an open source content collaboration platform. From versions 0.9.0 to before 0.9.7, and 1.0.0 to before 1.0.2, a missing sanitization in the Tables app allowed a user with access to the tables app to perform a limited SQL injection in the ORDER BY statement of a query. Compared to normal SQL injections, the ORDER BY is limited to extracting a single bit of information per request or to make the database wait for a given time. This issue has been patched in versions 0.9.7 and 1.0.2.
Meta Information
Generated: 2026-06-22
AI Q&A: 2026-06-01
EPSS Evaluated: 2026-06-20
External records: NVD, EUVD
Affected Vendors & Products (2 associated CPEs)
Vendor     Product   Version / Range
nextcloud  tables    From 0.9.0 (inclusive) to 0.9.7 (exclusive)
nextcloud  tables    From 1.0.0 (inclusive) to 1.0.2 (exclusive)
CWE
CWE-89: The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
AI Quick Actions (instant insights powered by AI)
Compliance Impact

This vulnerability impacts data confidentiality by allowing an attacker with access to the Tables app to perform a limited SQL injection, potentially extracting sensitive information bit by bit. Such unauthorized data exposure can lead to non-compliance with regulations like GDPR and HIPAA, which mandate the protection of personal and sensitive data against unauthorized access.

Since the vulnerability does not affect data integrity or availability directly, the primary compliance concern revolves around confidentiality breaches. Organizations using affected versions of the Nextcloud Tables app should upgrade to patched versions to mitigate risks and maintain compliance with data protection standards.

Executive Summary

This vulnerability exists in the Nextcloud Tables app versions 0.9.0 to before 0.9.7, and 1.0.0 to before 1.0.2. It is caused by missing sanitization of user input in the ORDER BY clause of SQL queries used for sorting table views.

An attacker with access to the Tables app can exploit this flaw to perform a limited SQL injection attack. Unlike typical SQL injections, this one is limited to extracting a single bit of information per request or causing the database to delay its response.

The vulnerability has been patched in versions 0.9.7 and 1.0.2 of the app.

Impact Analysis

The primary impact of this vulnerability is on data confidentiality. An attacker exploiting this flaw can extract small amounts of information from the database.

The attack requires low privileges and no user interaction, making it easier to exploit if an attacker has access to the Tables app.

There is no direct impact on data integrity or availability, although the attacker can cause the database to delay responses, which might affect performance temporarily.

Detection Guidance

This vulnerability is a limited SQL injection in the ORDER BY clause of SQL queries within the Nextcloud Tables app. Detection therefore involves monitoring for SQL queries with unusual or suspicious ORDER BY clauses, and for abnormal database response delays characteristic of time-based injection attempts.

Since exploitation requires access to the Tables app, the first check is whether the installed Nextcloud Tables app version falls within a vulnerable range (versions 0.9.0 to before 0.9.7, and 1.0.0 to before 1.0.2).

Specific commands to detect the vulnerability are not provided in the resources. However, general approaches could include:

  • Query the installed version of the Nextcloud Tables app to verify if it is vulnerable.
  • Monitor database logs for suspicious ORDER BY clauses or unusual query patterns.
  • Use SQL injection detection tools or scripts targeting ORDER BY injection vectors.
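A small log-scanning heuristic along the lines of the second bullet, added here as an example and not taken from the advisory or from the Nextcloud project: it treats any ORDER BY term that is not a bare column name (optionally quoted and table-qualified) with an optional ASC/DESC as worth review. The sort-term grammar, the query-log format and the table and column names in the sample lines are all assumptions constructed for the example.

```python
import re

# Assumed shape of a sort term the app is expected to emit: an optionally
# quoted column name, optionally table-qualified, with an optional direction.
# Anything else (function calls, subqueries, comments, literals) is flagged.
_IDENT = r'`?"?[A-Za-z_][A-Za-z0-9_]*"?`?'
_TERM_RE = re.compile(
    rf'^\s*{_IDENT}(?:\.{_IDENT})?(?:\s+(?:ASC|DESC))?\s*$', re.IGNORECASE)
# Captures the ORDER BY clause up to a LIMIT/OFFSET, a statement terminator
# or the end of the line.
_ORDER_BY_RE = re.compile(
    r'\bORDER\s+BY\s+(.*?)(?=\s+(?:LIMIT|OFFSET)\b|\s*;|$)', re.IGNORECASE)

def suspicious_order_by_terms(sql):
    """Return the ORDER BY terms of `sql` that are not plain column sorts.

    Returns an empty list when there is no ORDER BY or every term is benign.
    Splitting on commas is deliberate: a comma inside a function call or
    subquery yields fragments with unbalanced parentheses, which still fail
    the allowlist and are reported.
    """
    m = _ORDER_BY_RE.search(sql)
    if not m:
        return []
    return [t.strip() for t in m.group(1).split(',') if not _TERM_RE.match(t)]

def scan_query_log(lines):
    """Return (line_number, offending_terms) for each line worth a look."""
    hits = []
    for n, line in enumerate(lines, start=1):
        bad = suspicious_order_by_terms(line)
        if bad:
            hits.append((n, bad))
    return hits

# Constructed sample query-log lines; table/column names are placeholders.
SAMPLE_LOG = [
    'SELECT * FROM app_rows WHERE table_id = 7 ORDER BY t.created_at DESC LIMIT 50',
    'SELECT * FROM app_rows WHERE table_id = 7 ORDER BY "title" ASC, "id" DESC',
    'SELECT * FROM app_rows WHERE table_id = 7 ORDER BY (SELECT 1) ASC',
    'SELECT * FROM app_rows WHERE table_id = 7 ORDER BY t.id, some_function(t.value, 3)',
    'SELECT count(*) FROM app_rows WHERE table_id = 7',
]

if __name__ == "__main__":
    for n, terms in scan_query_log(SAMPLE_LOG):
        print(f"line {n}: non-column sort terms {terms}")
```

Lines flagged by the scan are candidates for review, not proof of exploitation; legitimate hand-written reports that sort on expressions will also trip the allowlist.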

Mitigation Strategies

The primary mitigation step is to upgrade the Nextcloud Tables app to a patched version, specifically version 0.9.7 or later in the 0.9.x series, or version 1.0.2 or later in the 1.0.x series.

If upgrading immediately is not possible, a temporary workaround is to disable the Tables app to prevent exploitation.
