CyberRota
← Ana sayfaya dön

CVE-2026-45722

HIGH · CVSS 7.1 EPSS %0.30 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-01T19:16:52.840 · Çekilme zamanı: 2026-06-30T12:06:37.784694+00:00

CyberRota Yorumu

SQL Injection riski içeriyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

GitHub PoC Linkleri
github.com github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-45722
Severity
HIGH
CVSS
7.1
EPSS
%0.30

Orijinal NVD Açıklaması

Nextcloud is an open source content collaboration platform. From versions 0.9.0 to before 0.9.7, and 1.0.0 to before 1.0.2, a missing sanitization in the Tables app allowed a user with access to the tables app to perform a limited SQL injection in the ORDER BY statement of a query. Compared to normal SQL injections, the ORDER BY is limited to extracting a single bit of information per request or to make the database wait for a given time. This issue has been patched in versions 0.9.7 and 1.0.2.