Description
Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, a privilege escalation vulnerability exists in the Approval app that allows a user without sharing permissions to force the system to share a file with approvers. This results in an authorization bypass and privilege escalation, allowing unauthorized distribution of restricted files. This issue has been patched in version 2.7.2.
Published: 2026-06-01
Score: 6.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A privilege escalation flaw exists in the Nextcloud Approval app that allows a user lacking file-sharing rights to force the system to share a file with approvers. The vulnerability is a classic authorization bypass described by CWE-285, resulting in unauthorized distribution of restricted files and loss of confidentiality for the owners of those files.

Affected Systems

Any Nextcloud instance that has the Approval app installed and running a version earlier than 2.7.2 is affected. The vulnerability applies to the Approval app component of the Nextcloud platform, regardless of the underlying operating system or database. Users should check the app version in the Nextcloud app store or the admin dashboard.

Risk and Exploitability

The vulnerability has a CVSS 3.1 score of 6.5, a moderate level of risk. No EPSS data is available, so the likelihood of exploitation cannot be quantified; the flaw is described in a public advisory and is exercised through normal web interface interaction. It is not currently listed in the CISA KEV catalog, and no public exploits have been reported. An attacker with an authenticated, low-privilege account on the Nextcloud instance can craft a request to the Approval app that triggers the bypass; no additional privilege escalation beyond the existing user credentials is required.

Generated by OpenCVE AI on June 1, 2026 at 20:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Nextcloud Approval app to version 2.7.2 or later, which contains the fix for the bypass.
  • Revoke any shared links that may have been created during the vulnerability window and regenerate them only for trusted users.
  • Disable the Approval app or restrict it to a privileged user group until the update is applied.
  • Review and tighten file-sharing permissions in Nextcloud to ensure that only authorized users can share restricted content.


Advisories

No advisories yet.

History

Mon, 01 Jun 2026 20:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 01 Jun 2026 19:00:00 +0000

Type | Values Removed | Values Added
Description | | Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, a privilege escalation vulnerability exists in the Approval app that allows a user without sharing permissions to force the system to share a file with approvers. This results in an authorization bypass and privilege escalation, allowing unauthorized distribution of restricted files. This issue has been patched in version 2.7.2.
Title | | Nextcloud: Authorization bypass in approval feature allows unauthorized file sharing with approvers
Weaknesses | | CWE-285
References | |
Metrics | | cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-01T19:31:53.967Z

Reserved: 2026-05-11T18:41:13.157Z

Link: CVE-2026-45275

Vulnrichment

Updated: 2026-06-01T19:31:49.154Z

NVD

Status : Received

Published: 2026-06-01T19:16:49.517

Modified: 2026-06-01T19:16:49.517

Link: CVE-2026-45275

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-01T20:30:17Z

Weaknesses