VYPR
Unrated severityNVD Advisory· Published Dec 5, 2025· Updated Dec 5, 2025

Nextcloud Server users can modify tags on files that do not belong to them

CVE-2025-66547

Description

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Enterprise Server prior to 31.0.1, non-privileged users can modify tags on files they should not have access to via bulk tagging. This vulnerability is fixed in 31.0.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.