CVE-2026-45810
Information Disclosure in Nextcloud Server
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nextcloud | server | From 31.0.0 (inc) to 31.0.12 (exc) |
| nextcloud | server | From 32.0.0 (inc) to 32.0.3 (exc) |
| nextcloud | enterprise_server | 21.0.9.20 |
| nextcloud | enterprise_server | 22.2.10.35 |
| nextcloud | enterprise_server | 23.0.12.31 |
| nextcloud | enterprise_server | 24.0.12.30 |
| nextcloud | enterprise_server | 25.0.13.25 |
| nextcloud | enterprise_server | 26.0.13.22 |
| nextcloud | enterprise_server | 27.1.11.22 |
| nextcloud | enterprise_server | 28.0.14.13 |
| nextcloud | enterprise_server | 29.0.16.10 |
| nextcloud | enterprise_server | 30.0.17.5 |
| nextcloud | enterprise_server | From 31.0.12 (inc) to 32.0.3 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-639 | The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Nextcloud Server involves a missing authorization check in the handling of file comments. Authenticated users who have access to any file comment could exploit this flaw to read the content of comments on all files, even those they should not have permission to access.
Specifically, the issue arises from a missing check in PROPFIND requests related to comment objects, allowing unauthorized reading of comments across files. This is classified as an authorization bypass vulnerability (CWE-639).
How can this vulnerability impact me?
The vulnerability can lead to unauthorized disclosure of sensitive information contained within file comments. An authenticated user with access to any comment could read comments on files they are not authorized to access, potentially exposing confidential or private information.
This could compromise data confidentiality and privacy within the Nextcloud environment, increasing the risk of information leakage.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, it is recommended to upgrade your Nextcloud Server to version 31.0.12 or 32.0.3.
For Nextcloud Enterprise Server, upgrade to one of the following patched versions: 21.0.9.20, 22.2.10.35, 23.0.12.31, 24.0.12.30, 25.0.13.25, 26.0.13.22, 27.1.11.22, 28.0.14.13, 29.0.16.10, 30.0.17.5, 31.0.12, or 32.0.3.
No workarounds are provided, so upgrading to the fixed versions is the immediate and effective step to prevent unauthorized access to comment data.
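A small version-range check, added here as an example rather than taken from the advisory or from Nextcloud itself, turns the affected ranges in the table above into something an administrator can run against the version string of a running instance. It encodes only the two community `server` ranges, because those are the only entries that are stated the same way in both the table and the mitigation text; enterprise builds should be checked directly against the vendor advisory. The sample versions in `main()` are constructed for the demonstration and the inclusive/exclusive handling follows the `(inc)` / `(exc)` markers in the table.

```python
"""Check a Nextcloud Server version string against the affected ranges
listed for CVE-2026-45810 (added example, not part of the advisory)."""

import re
from typing import Optional, Tuple

# Affected nextcloud/server ranges as given in the advisory table:
# (lower bound, lower inclusive?, upper bound, upper inclusive?)
AFFECTED_SERVER_RANGES = [
    ("31.0.0", True, "31.0.12", False),
    ("32.0.0", True, "32.0.3", False),
]


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '31.0.11' (or '31.0.11.2') into a tuple of ints.

    Anything that is not dotted integers raises ValueError, so a malformed
    or pre-release string never silently evaluates as 'not affected'.
    """
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"not a dotted version string: {text!r}")
    return tuple(int(part) for part in text.split("."))


def compare(a: Tuple[int, ...], b: Tuple[int, ...]) -> int:
    """Compare two version tuples, padding the shorter one with zeros so
    that '31.0' and '31.0.0' are treated as the same release."""
    width = max(len(a), len(b))
    a = a + (0,) * (width - len(a))
    b = b + (0,) * (width - len(b))
    return (a > b) - (a < b)


def in_range(version: str, lo: str, lo_inc: bool, hi: str, hi_inc: bool) -> bool:
    """True if version lies within [lo, hi] honouring the inclusive flags."""
    v = parse_version(version)
    c_lo = compare(v, parse_version(lo))
    c_hi = compare(v, parse_version(hi))
    above_lo = c_lo > 0 or (lo_inc and c_lo == 0)
    below_hi = c_hi < 0 or (hi_inc and c_hi == 0)
    return above_lo and below_hi


def is_affected(version: str) -> bool:
    """True if the given nextcloud/server version is in an affected range."""
    return any(in_range(version, *bounds) for bounds in AFFECTED_SERVER_RANGES)


def minimum_fix(version: str) -> Optional[str]:
    """Return the first fixed release on the same branch, or None when the
    version is not affected. For an exclusive upper bound, that bound is
    exactly the first patched release (31.0.12 / 32.0.3 on this page)."""
    for lo, lo_inc, hi, hi_inc in AFFECTED_SERVER_RANGES:
        if in_range(version, lo, lo_inc, hi, hi_inc):
            return None if hi_inc else hi
    return None


def main() -> None:
    # Constructed sample versions; not taken from any real deployment.
    for sample in ("30.0.17", "31.0.11", "31.0.12", "32.0.0", "32.0.3"):
        status = "AFFECTED" if is_affected(sample) else "not affected"
        fix = minimum_fix(sample)
        suffix = f" (upgrade to {fix})" if fix else ""
        print(f"{sample:>8}: {status}{suffix}")


if __name__ == "__main__":
    main()
```

Feed the function the `versionstring` reported by the instance (for example from `occ status` on the server) rather than a package or container tag, since those do not always match the running release.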
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows authenticated users with access to any file comment to read the content of all comments, including those they should not have permission to access.
Such unauthorized access to potentially sensitive comment data could lead to violations of data protection regulations like GDPR and HIPAA, which require strict controls on access to personal and sensitive information.
Therefore, if exploited, this vulnerability may compromise compliance with these standards by enabling unauthorized disclosure of protected information.
It is recommended to upgrade to the patched versions to mitigate this risk and maintain compliance.