CVE-2026-45275
EUVD-2026-3370201.06.2026, 19:16
Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, a privilege escalation vulnerability exists in the Approval app that allows a user without sharing permissions to force the system to share a file with approvers. This results in an authorization bypass and privilege escalation, allowing unauthorized distribution of restricted files. This issue has been patched in version 2.7.2.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| nextcloud | approval | 𝑥 < 2.7.2 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration