Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 29+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
Authentication Bypass Risk in Appointment System via Token Parameter
github.com · 2025-12-06
Nextcloud Calendar
Read more
Medium
Nextcloud System Address Book Information Disclosure Fix
github.com · 2025-12-06
Nextcloud Server
Read more
High
Nextcloud WebAuthn Credential IDOR Vulnerability Fix Analysis
github.com · 2025-12-06
nextcloud/twofactor_webauthn < 1.4.x (stable1.4 branch)
Read more
Low
Nextcloud Approval Privilege Escalation via File ID (CVE-2025-66515)
CVE-2025-66515 · github.com · 2025-12-06
Nextcloud Approval >= 1.0.0 · Nextcloud Approval >= 2.0.0
Read more
Medium
Nextcloud Tables Information Disclosure Vulnerability (CVE-2025-66553)
GHSA-p53h-6294-crw · github.com · 2025-12-06
Tables >= 0.8.0 · Tables >= 0.9.0
Read more
Medium
Nextcloud Contacts Search Information Disclosure via Missing Access Control (CVE-2025-66510)
GHSA-495w-cqv6-wr59 · github.com · 2025-12-06
Nextcloud Server >= 31.0.0, >= 32.0.0 · Nextcloud Enterprise Server >= 28.0.0, >= 29.0.0, >= 30.0.0, >= 31.0.0
Read more
Low
Nextcloud user_saml Open Redirect via RelayState (CVE-2024-22400)
CVE-2024-22400 · github.com · 2025-11-11
user_saml >= 5.0.0 · user_saml >= 5.1.0 …
Read more
Low
Nextcloud Disabled Shares Allow Download via Preview Images (CVE-2022-41970)
GHSA-9mh6-cph8-772c · github.com · 2025-11-09
Nextcloud Server < 24.0.7 · Nextcloud Server < 25.0.1 …
Read more
CVSS 6.5
Nextcloud Tables Local File Inclusion via PhpSpreadsheet (CVE-2025-58051)
github.com · 2025-10-17

### Critical Vulnerability Information #### Vulnerability Title - **Tables app allowed to include local file via PhpSpreadsheet when importing a table** #### Severity - **Severity**: Moderate (6.5/10)…

Read more
CVSS 2.6
Nextcloud CVE-2025-47794 Insecure Temporary File Creation Vulnerability
github.com · 2025-05-17

### Critical Vulnerability Information #### Vulnerability Title - **Insecure temporary file creation, race with write access and permission** #### Severity - **Severity**: Low (2.6 / 10) #### Affected…

Read more
CVSS 4.3
Nextcloud Groupfolders Quota Bypass via Attachment (CVE-2025-47793)
github.com · 2025-05-17

### Critical Vulnerability Information #### Vulnerability Title - **Bypass group folder quota limit using attachment in text file** #### Severity - **Moderate** - **CVSS v3 base metrics**: 4.3/10 ####…

Read more
CVSS 4.3
Nextcloud CVE-2025-47791: Unrate-limited endpoint allows SSRF
github.com · 2025-05-17

### Critical Vulnerability Information #### Vulnerability Title - **Test remote endpoint is not rate limited** #### Severity - **Level**: Moderate - **CVSS v3 Base Metrics**: - Attack Vector: Adjacent…

Read more
CVSS 6.4
Nextcloud Session Timeout Bypasses 2FA (Moderate Severity)
github.com · 2025-05-17

### Key Information #### Vulnerability Title - **Second factor not requested after session timeout** #### Severity - **Moderate** - CVSS v3 base metrics: 6.4 / 10 #### Affected Scope - **Package**: Se…

Read more
CVSS 4.6
Nextcloud External Storage Global Credentials Leakage
github.com · 2024-11-17

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Global credentials of external storages are sent bac…

Read more
CVSS 2.6
Nextcloud Background Job Hash Collision Vulnerability (CVE-2024-52521)
github.com · 2024-11-17

### Key Information #### Vulnerability Description - **Title**: Potential hash collision for background jobs could skip queuing them - **Publisher**: nickvergessen - **Vulnerability ID**: GHSA-2q6f-gj…

Read more
CVSS 2.6
Nextcloud Background Job Argument Hashing Upgraded from MD5 to SHA256
github.com · 2024-11-17

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Code Changes**: - File: `core/Migrations/Version28000Date20240828142927.php` - Code modificatio…

Read more
CVSS 2.6
Nextcloud Attachments Folder Accessible on Password Protected Shares
github.com · 2024-11-17

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Attachments folder for Text app is accessible on "Fi…

Read more
CVSS 3.5
Nextcloud Tables Information Disclosure Vulnerability (GHSA-rgvc-xr2w-qq45)
github.com · 2024-11-17

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Share information of Tables app is not …

Read more
CVSS 4.2
Nextcloud Client-Side Encryption Signature Validation Bypass Fix
github.com · 2024-11-17

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Code Changes**: - Changes were made in the files `src/libsync/discoveryphase.cpp`, `src/libsyn…

Read more
CVSS 1.8
Nextcloud User Password Cleartext in Memory Vulnerability (GHSA-w7v5-mgxm-v6gm)
github.com · 2024-11-17

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: User password is available in memory of…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.