Improper Authorization in Nextcloud Server Affects Calendar Functionality
CVE-2026-45281
8.1HIGH
What is CVE-2026-45281?
Nextcloud Server, a widely used open-source content collaboration platform, has a vulnerability that allows authenticated users to potentially access and modify other users' calendars due to insufficient authorization mechanisms. This issue affects multiple versions of the software, making it critical for users to update their installations to the latest versions to ensure their data remains secure.
Affected Version(s)
security-advisories >= 32.0.0, < 32.0.9 < 32.0.0, 32.0.9
security-advisories >= 33.0.0, < 33.0.3 < 33.0.0, 33.0.3