Low severity3.3NVD Advisory· Published Jun 1, 2026· Updated Jun 3, 2026
CVE-2026-45277
CVE-2026-45277
Description
Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, authenticated users can check if arbitrary files are associated with specific approval workflows where they can request approval. This issue has been patched in version 2.7.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/nextcloud/approval/pull/356nvdIssue TrackingPatch
- github.com/nextcloud/security-advisories/security/advisories/GHSA-h7gm-vgxr-9hcwnvdMitigationVendor Advisory
- hackerone.com/reports/3475210nvdPermissions Required
News mentions
1- Nextcloud Server: 25 Vulnerabilities Disclosed in Single BatchVypr Intelligence · Jun 1, 2026