VYPR
Medium severity4.3NVD Advisory· Published Jun 1, 2026· Updated Jun 1, 2026

CVE-2026-45264

CVE-2026-45264

Description

Nextcloud is an open source content collaboration platform. From versions 17.0.0 to before 17.0.15, 18.0.0 to before 18.1.12, 19.0.0 to before 19.1.16, 20.0.0 to before 20.1.11, and 21.0.0 to before 21.0.4, a user with READ and CREATE permission, but no UPDATE permission for a team folder can rename files in the team folder. This issue has been patched in versions 17.0.15, 18.1.12, 19.1.16, 20.1.11, and 21.0.4.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • Range: 17.0.0-17.0.14, 18.0.0-18.1.11, 19.0.0-19.1.15, 20.0.0-20.1.10, 21.0.0-21.0.3

Patches

Vulnerability mechanics

References

3

News mentions

1