CVE-2026-45266

Published: Giu 01, 2026 Last Modified: Giu 01, 2026
ExploitDB:
Other exploit source:
Google Dorks:
LOW 3,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: required
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: none

Description

AI Translation Available

Nextcloud is an open source content collaboration platform. Prior to versions 21.1.10, 22.0.11, and 23.0.3, a low-privileged user can force other user's microphones to be muted in calls when no High-performance Backend is installed. This issue has been patched in versions 21.1.10, 22.0.11, and 23.0.3.

284

Improper Access Control

Incomplete
Abstraction: Pillar Structure: Simple
Common Consequences
Security Scopes Affected:
Other
Potential Impacts:
Varies By Context
Applicable Platforms
Technologies: Not Technology-Specific, ICS/OT, Web Based
View CWE Details
https://github.com/nextcloud/security-advisories/security/a…
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-x75r-…
https://github.com/nextcloud/spreed/pull/17577
https://github.com/nextcloud/spreed/pull/17577
https://hackerone.com/reports/3636758
https://hackerone.com/reports/3636758