Circles
by Nextcloud
Source repositories
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45285 | Med | 0.35 | 6.4 | 0.00 | Jun 1, 2026 | Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes an external member (a person added via email address who does not have a… | ||
| CVE-2019-15610 | Med | 0.28 | 4.3 | 0.01 | Feb 4, 2020 | Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle. | ||
| CVE-2023-48301 | Low | 0.00 | 3.5 | 0.01 | Nov 21, 2023 | Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, an attacker could insert links into circles name that would be… | ||
| CVE-2022-39330 | Med | 0.00 | 4.8 | 0.01 | Oct 27, 2022 | Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to versions 23.0.10 and 24.0.6 and Nextcloud Enterprise Server prior to versions 22.2.10, 23.0.10, and 24.0.6 are vulnerable to a logged-in attacker slowing… | ||
| CVE-2022-29163 | Low | 0.00 | 3.5 | 0.01 | May 20, 2022 | Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.6 and 23.0.3, a user can create a link that is not password protected even if the administrator requires links to be password protected. Versions 22.2.6 and… | ||
| CVE-2021-37630 | Med | 0.00 | 6.5 | 0.01 | Sep 7, 2021 | Nextcloud Circles is an open source social network built for the nextcloud ecosystem. In affected versions the Nextcloud Circles application allowed any user to join any "Secret Circle" without approval by the Circle owner leaking private information. It is recommended that… | ||
| CVE-2021-32782 | Med | 0.00 | 5.8 | 0.01 | Sep 7, 2021 | Nextcloud Circles is an open source social network built for the nextcloud ecosystem. In affected versions the Nextcloud Circles application is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. Due the strict Content-Security-Policy shipped with Nextcloud, this… |
- risk 0.35cvss 6.4epss 0.00
Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes an external member (a person added via email address who does not have a…
- risk 0.28cvss 4.3epss 0.01
Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle.
- risk 0.00cvss 3.5epss 0.01
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, an attacker could insert links into circles name that would be…
- risk 0.00cvss 4.8epss 0.01
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to versions 23.0.10 and 24.0.6 and Nextcloud Enterprise Server prior to versions 22.2.10, 23.0.10, and 24.0.6 are vulnerable to a logged-in attacker slowing…
- risk 0.00cvss 3.5epss 0.01
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.6 and 23.0.3, a user can create a link that is not password protected even if the administrator requires links to be password protected. Versions 22.2.6 and…
- risk 0.00cvss 6.5epss 0.01
Nextcloud Circles is an open source social network built for the nextcloud ecosystem. In affected versions the Nextcloud Circles application allowed any user to join any "Secret Circle" without approval by the Circle owner leaking private information. It is recommended that…
- risk 0.00cvss 5.8epss 0.01
Nextcloud Circles is an open source social network built for the nextcloud ecosystem. In affected versions the Nextcloud Circles application is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. Due the strict Content-Security-Policy shipped with Nextcloud, this…