QSearchQSearch

CVE-2026-45543

5.3 MEDIUM

Nextcloud is an open source content collaboration platform

Published: 2026-06-01 · Last updated: 2026-06-04

Severity and scoring

CVSS
5.3 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE
CWE-552

Affected products

VendorProduct
nextcloudforms

Description

Nextcloud is an open source content collaboration platform. From version 4.3.0 to before version 5.2.7, a removed collaborator retains unauthorized read access to uploaded respondent files for the affected form. The scope is limited to uploaded files for forms where that user previously had results access. This issue has been patched in version 5.2.7.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-45810 Nextcloud is an open source content collaboration platform (6.8 MEDIUM)
  • CVE-2026-45722 Nextcloud is an open source content collaboration platform (7.1 HIGH)
  • CVE-2026-45691 Nextcloud is an open source content collaboration platform (5.9 MEDIUM)
  • CVE-2026-45690 Nextcloud is an open source content collaboration platform (5.9 MEDIUM)
  • CVE-2026-45545 Nextcloud is an open source content collaboration platform (8.2 HIGH)

Same CWE

  • CVE-2025-14771 Files or directories accessible to external parties vulnerability in ABB T-MAC Plus (9.9 CRITICAL)
  • CVE-2026-40425 The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to auth... (5.7 MEDIUM)
  • CVE-2026-45088 Dalfox is a powerful open-source XSS scanner and utility focused on automation (7.5 HIGH)
  • CVE-2024-56462 IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be rest... (7.2 HIGH)
  • CVE-2024-11399 Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2... (6.8 MEDIUM)