CyberRota
← Ana sayfaya dön

CVE-2026-45279

MEDIUM · CVSS 4.4 EPSS %0.39 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-01T19:16:49.980 · Çekilme zamanı: 2026-06-30T12:06:33.115177+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

GitHub PoC Linkleri
github.com github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-45279
Severity
MEDIUM
CVSS
4.4
EPSS
%0.39

Orijinal NVD Açıklaması

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31.0.0 to before 31.0.14, and 32.0.0 to before 32.0.4, if {lang} is used in the template directory config value, non-admin users can in some cases copy arbitrary files (depending on unix permissions) into their own Nextcloud directory via a path traversal. It is recommended that the Nextcloud Server is upgraded to 32.0.4, 31.0.14. It is recommended that the Nextcloud Enterprise Server is upgraded to 32.0.4, 31.0.14, 30.0.17.7, 29.0.17.12, 28.0.14.15