Nextcloud E2EE Files Drop Share Link Permission Bypass to Write to Other Folders (CVE-2026-45159)

github.com 2026-06-02查看中文 →

Security AdvisoryGHSA-p3qw-7gwx-wg24MediumNextcloud

Affected:

Nextcloud End-to-End Encryption >= 1.15.0
Nextcloud End-to-End Encryption >= 1.16.0
Nextcloud End-to-End Encryption >= 1.17.0
Nextcloud End-to-End Encryption >= 1.18.0

Fixed in:

1.15.4
1.16.3
1.17.1
1.18.1
2.0.0-rc.7

Referenced CVEs: CVE-2026-45159 · 3.5

文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive

This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.

More from this source

Mint HTTP/2 PUSH_PROMISE Memory Exhaustion Vulnerability Analysis 2026-06-03 OpenTelemetry v0.9.0 Security Patch: TLS, Protocol Parsing, and Memory Safety Fixes 2026-06-03 OpenTelemetry Bridge Instrumentation Redis Telemetry Data Leak (CVE-2024-45679) and Patch 2026-06-03 OpenTelemetry EBP MongoDB Parser DoS Vulnerability (GHSA-j8p6-96vp-ft39) 2026-06-03 Kernel Memory Disclosure via Java TLS ioctl kprobe in go.opentelemetry.io/otel 2026-06-03

Offline Archive

Offline screenshot & PDF are Pro-exclusive