CVE-2026-45544

4.3 MEDIUM

Nextcloud is an open source content collaboration platform

Published: 2026-06-01 · Last updated: 2026-06-04

Severity and scoring

CVSS: 4.3 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE: CWE-1230

Affected products

Vendor	Product
nextcloud	tables

Description

Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. This issue has been patched in versions 1.0.4 and 2.0.0.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-45544
[Vendor advisory]https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vvxm-6jjp-m9mp
[Patch]https://github.com/nextcloud/tables/pull/2312
[Other]https://hackerone.com/reports/3483753

Related CVEs

Same vendor

CVE-2026-45810 — Nextcloud is an open source content collaboration platform (6.8 MEDIUM)
CVE-2026-45722 — Nextcloud is an open source content collaboration platform (7.1 HIGH)
CVE-2026-45691 — Nextcloud is an open source content collaboration platform (5.9 MEDIUM)
CVE-2026-45690 — Nextcloud is an open source content collaboration platform (5.9 MEDIUM)
CVE-2026-45545 — Nextcloud is an open source content collaboration platform (8.2 HIGH)

Same CWE

CVE-2025-59601 — Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device... (6.5 MEDIUM)
CVE-2026-49270 — Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All (5.9 MEDIUM)