Nextcloud Group Folders — known CVE vulnerabilities
Every CVE whose affected-product data names Nextcloud Group Folders, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-8153 — CVSS 8.1 (high): Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when when renaming an accessible item to the same…
CVE-2025-47793 — CVSS 4.3 (medium): Nextcloud Server is a self hosted personal cloud system, and the Nextcloud Groupfolders app provides admin-configured folders shared by…
CVE-2025-66545 — CVSS 3.5 (low): Nextcloud Groupfolders provides admin-configured folders shared by everyone in a group or team. Prior to 14.0.11, 15.3.12, 16.0.15…