CVE-2026-45722
SQL Injection in Nextcloud Tables App
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range | Status |
|---|---|---|---|
| nextcloud | tables | From 0.9.0 (inc) to 0.9.7 (exc) | affected |
| nextcloud | tables | From 1.0.0 (inc) to 1.0.2 (exc) | affected |
| nextcloud | tables | 0.9.7 | fixed (first patched release of the 0.9.x series) |
| nextcloud | tables | 1.0.2 | fixed (first patched release of the 1.0.x series) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Nextcloud Tables app from version 0.9.0 before 0.9.7, and from 1.0.0 before 1.0.2. It is caused by missing validation of user-controlled input that is placed into the ORDER BY clause of the SQL queries used to sort table views. Column names and sort directions in ORDER BY cannot be bound as query parameters the way values can, so input used there has to be checked against an allowlist of permitted columns and directions before it reaches the query; that check was missing.
An attacker with access to the Tables app can use this to perform a limited SQL injection. The injection is blind: nothing from the injected query is returned directly. Instead the attacker learns one bit of information per request, either from the order in which rows come back (boolean-based) or from how long the database takes to answer (time-based), and recovers data by repeating the request many times with a different bit or character position each time.
The vulnerability has been patched in versions 0.9.7 and 1.0.2 of the app.
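The following is an added illustration of the bug class described above, not code from the Nextcloud Tables app and not a reproduction of its queries. It puts a deliberately vulnerable sort function (user input concatenated into ORDER BY) next to an allowlisting version, and shows how a sort expression that never returns any data still leaks a secret one bit per request. The table and column names (view_rows, app_secrets, admin_token) and the secret value are invented; SQLite is used only because it runs in memory without setup.

```python
import sqlite3

# Allowlist used by the hardened version. The column names are the invented
# ones from make_db(), not the Tables app's schema.
ALLOWED_SORT_COLUMNS = {"id", "title"}
ALLOWED_DIRECTIONS = {"ASC", "DESC"}


def make_db() -> sqlite3.Connection:
    """Constructed sample data: a sortable table the user may read, plus a
    table whose contents the user must never see."""
    con = sqlite3.connect(":memory:")
    con.executescript(
        """
        CREATE TABLE view_rows (id INTEGER PRIMARY KEY, title TEXT);
        INSERT INTO view_rows VALUES (1, 'alpha'), (2, 'bravo'), (3, 'charlie');
        CREATE TABLE app_secrets (name TEXT, value TEXT);
        INSERT INTO app_secrets VALUES ('admin_token', 'S3cret');
        """
    )
    return con


def sorted_ids_vulnerable(con, sort_column: str, direction: str) -> list:
    """Deliberately vulnerable (CWE-89): the sort column and direction come
    straight from the request and are concatenated into ORDER BY."""
    sql = f"SELECT id FROM view_rows ORDER BY {sort_column} {direction}"
    return [row[0] for row in con.execute(sql)]


def sorted_ids_hardened(con, sort_column: str, direction: str) -> list:
    """Hardened: ORDER BY identifiers cannot be bound as parameters, so the
    input is checked against an allowlist before it touches the SQL."""
    direction = direction.upper()
    if sort_column not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"unknown sort column: {sort_column!r}")
    if direction not in ALLOWED_DIRECTIONS:
        raise ValueError(f"unknown sort direction: {direction!r}")
    sql = f'SELECT id FROM view_rows ORDER BY "{sort_column}" {direction}'
    return [row[0] for row in con.execute(sql)]


def hardened_rejects(con, sort_column: str, direction: str) -> bool:
    """True if the hardened version refuses the given sort input."""
    try:
        sorted_ids_hardened(con, sort_column, direction)
    except ValueError:
        return True
    return False


def leak_bit(con, position: int, bit: int) -> bool:
    """Boolean-blind ORDER BY injection: one request yields one bit. The
    injected CASE makes the sort key depend on one bit of the secret, so the
    row order (not any returned value) carries the information."""
    payload = (
        "(CASE WHEN (SELECT (unicode(substr(value, {pos}, 1)) >> {bit}) & 1 "
        "FROM app_secrets WHERE name = 'admin_token') = 1 THEN id ELSE -id END)"
    ).format(pos=position, bit=bit)
    # Ascending ids means the CASE chose 'id', i.e. the bit was 1.
    return sorted_ids_vulnerable(con, payload, "ASC") == [1, 2, 3]


def leak_secret(con, length: int) -> str:
    """Recover `length` 7-bit ASCII characters, 7 requests per character.
    A time-based variant would replace the ordering difference with a
    delay function and time the response instead."""
    chars = []
    for pos in range(1, length + 1):
        code = 0
        for bit in range(7):
            if leak_bit(con, pos, bit):
                code |= 1 << bit
        chars.append(chr(code))
    return "".join(chars)


if __name__ == "__main__":
    db = make_db()
    print("legitimate sort:", sorted_ids_vulnerable(db, "title", "DESC"))
    print("leaked via ORDER BY (42 requests):", leak_secret(db, 6))
    payload = "(CASE WHEN 1=1 THEN id ELSE -id END)"
    print("hardened version rejects payload:", hardened_rejects(db, payload, "ASC"))
```

The point of the allowlist is that it sits in front of the query, not inside it: query builders accept ORDER BY columns as raw identifiers, so the same check is needed whether the SQL is written by hand or assembled by a builder.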
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability impacts data confidentiality by allowing an attacker with access to the Tables app to perform a limited SQL injection, potentially extracting sensitive information bit by bit. Such unauthorized data exposure can lead to non-compliance with regulations like GDPR and HIPAA, which mandate the protection of personal and sensitive data against unauthorized access.
Since the vulnerability does not affect data integrity or availability directly, the primary compliance concern revolves around confidentiality breaches. Organizations using affected versions of the Nextcloud Tables app should upgrade to patched versions to mitigate risks and maintain compliance with data protection standards.
How can this vulnerability impact me? :
The primary impact of this vulnerability is on data confidentiality. An attacker exploiting this flaw can read data from the database one bit per request; that is slow, but given enough requests it is sufficient to recover short secrets stored in the same database.
The attack requires low privileges and no user interaction: any account that can use the Tables app can attempt it.
There is no direct impact on data integrity or availability. The time-based variant makes the database delay its responses, which adds load and can slow the instance while an extraction is running, but this is a side effect of the attack rather than a denial of service in its own right.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a limited (blind) SQL injection in the ORDER BY clause of queries issued by the Nextcloud Tables app. The injected expression only ever appears in the sort clause of otherwise normal queries, so detecting attempts means either watching the database's statement log for abnormal ORDER BY clauses or watching for the response delays that time-based attempts cause.
The most reliable check is the installed app version. It is recorded in the app's appinfo/info.xml (the <version> element, normally under apps/tables/, though the app may live in another configured apps directory) and in the output of `php occ app:list`, which lists every installed app with its version. Run occ as the web server user (for example `sudo -u www-data php occ app:list`). The app is affected if the version is at least 0.9.0 and below 0.9.7, or at least 1.0.0 and below 1.0.2.
Specific detection commands are not provided in the resources. General approaches include:
- Query the installed version of the Tables app (info.xml or `occ app:list`) and compare it with the affected ranges above.
- Monitor database statement logs for ORDER BY clauses containing things a sort column never needs: a CASE expression, a subselect, or a delay function such as SLEEP(), BENCHMARK() or pg_sleep(); and for bursts of near-identical queries from one session that differ only in a numeric offset or bit index, which is the signature of bit-by-bit extraction. Note that query text is only available if statement logging is enabled (MySQL general or slow query log, PostgreSQL log_statement or log_min_duration_statement, or Nextcloud's log_query config option), which has a performance cost.
- Use SQL injection detection tools or scripts targeting ORDER BY injection vectors, preferably against a staging copy, since time-based payloads deliberately stall the database.
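Both checks above, as an added example written for this page rather than tooling from Nextcloud or the advisory: a version test against the affected ranges applied to a constructed `occ app:list --output=json` listing (the JSON layout, enabled/disabled maps of app id to version, is assumed), and a heuristic scan of constructed, MySQL general-log-style query lines for ORDER BY clauses that contain a CASE, a subselect or a delay function. The table names in the sample log lines are invented.

```python
import json
import re

# Affected ranges from the advisory: [0.9.0, 0.9.7) and [1.0.0, 1.0.2).
VULNERABLE_RANGES = (((0, 9, 0), (0, 9, 7)), ((1, 0, 0), (1, 0, 2)))


def parse_version(version: str) -> tuple:
    """'0.9.5' -> (0, 9, 5); shorter strings are padded so '1.0' == '1.0.0'."""
    parts = [int(p) for p in re.findall(r"\d+", version)[:3]]
    return tuple(parts + [0] * (3 - len(parts)))


def is_vulnerable_version(version: str) -> bool:
    v = parse_version(version)
    return any(low <= v < high for low, high in VULNERABLE_RANGES)


# Constructed sample; assumed to follow the layout of
# `php occ app:list --output=json`: {"enabled": {app: version}, "disabled": {...}}.
SAMPLE_APP_LIST = (
    '{"enabled": {"files": "1.20.0", "tables": "0.9.5"}, '
    '"disabled": {"spreed": "18.0.0"}}'
)


def tables_status(app_list_json: str):
    """Return {'state', 'version', 'vulnerable'} for the Tables app,
    or None if it is not installed at all."""
    listing = json.loads(app_list_json)
    for state in ("enabled", "disabled"):
        version = listing.get(state, {}).get("tables")
        if version is not None:
            return {"state": state, "version": version,
                    "vulnerable": is_vulnerable_version(version)}
    return None


# A sort column never needs a CASE, a subselect or a delay function after
# ORDER BY; any of them in that position is worth a look.
SUSPICIOUS_ORDER_BY = re.compile(
    r"ORDER\s+BY\b.*?\b(CASE\b|SELECT\b|SLEEP\s*\(|BENCHMARK\s*\(|PG_SLEEP\s*\()",
    re.IGNORECASE | re.DOTALL,
)

# Constructed log lines in the shape of a MySQL general query log.
SAMPLE_QUERY_LOG = [
    "2026-06-01T10:00:01Z 42 Query SELECT id, title FROM oc_example_rows "
    "ORDER BY title ASC LIMIT 50",
    "2026-06-01T10:00:02Z 42 Query SELECT id, title FROM oc_example_rows "
    "ORDER BY (CASE WHEN (SELECT ord(substr(value,1,1)) & 1 FROM oc_example_secrets) = 1 "
    "THEN id ELSE -id END) ASC",
    "2026-06-01T10:00:03Z 42 Query SELECT id, title FROM oc_example_rows "
    "ORDER BY (SELECT SLEEP(5)) ASC",
    "2026-06-01T10:00:04Z 43 Query SELECT COUNT(*) FROM oc_filecache WHERE storage = 3",
]


def flag_suspicious_order_by(lines) -> list:
    """Return the log lines whose ORDER BY clause matches the heuristic."""
    return [line for line in lines if SUSPICIOUS_ORDER_BY.search(line)]


if __name__ == "__main__":
    print("tables app:", tables_status(SAMPLE_APP_LIST))
    for line in flag_suspicious_order_by(SAMPLE_QUERY_LOG):
        print("suspicious:", line)
```

The regex is a triage filter, not a signature: a legitimate query could sort by a CASE expression, and a real extraction could use constructs not listed here, so treat hits as a prompt to inspect the session rather than as proof of exploitation.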
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation is to upgrade the Nextcloud Tables app to a patched version: 0.9.7 or later on the 0.9.x series, or 1.0.2 or later on the 1.0.x series (`php occ app:update tables`, run as the web server user, or via the Apps page in the admin UI). Verify afterwards with `php occ app:list` that the installed version is outside the affected ranges.
If upgrading immediately is not possible, a temporary workaround is to disable the Tables app (`php occ app:disable tables`) so the vulnerable sort queries can no longer be reached. Disabling an app makes its data unavailable to users but does not remove its database tables; the data is available again once the patched version is installed and the app re-enabled.