Every CVE whose affected-product data names Nextcloud Mail, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2021-32652 — CVSS 8.8 (high): Nextcloud Mail is a mail app for the Nextcloud platform. A missing permission check in Nextcloud Mail before 1.4.3 and 1.8.2 allows another…
CVE-2022-31132 — CVSS 8.3 (high): Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path…
CVE-2024-52508 — CVSS 8.2 (high): Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an…
CVE-2020-8156 — CVSS 7.0 (high): A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack.
CVE-2023-23943 — CVSS 5.0 (medium): Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to…
CVE-2023-45660 — CVSS 4.3 (medium): Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies…
CVE-2021-32707 — CVSS 4.3 (medium): Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images…
CVE-2023-25160 — CVSS 4.1 (medium): Nextcloud Mail is an email app for the Nextcloud home server platform. Prior to versions 2.2.1, 1.14.5, 1.12.9, and 1.11.8, an attacker can…
CVE-2025-66514 — CVSS 3.5 (low): Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Prior to 5.5.3, a stored HTML injection in the Mail…
CVE-2021-39220 — CVSS 3.5 (low): Nextcloud is an open-source, self-hosted productivity platform The Nextcloud Mail application prior to versions 1.10.4 and 1.11.0 does by…
CVE-2023-33184 — CVSS 3.5 (low): Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It…
CVE-2023-48307 — CVSS 3.5 (low): Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Starting in version 1.13.0 and prior to version 2.2.8…
CVE-2024-52509 — CVSS 3.5 (low): Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching…
CVE-2022-31119 — CVSS 3.1 (low): Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions of Nextcloud mail would log user…
CVE-2023-23944 — CVSS 2.0 (low): Nextcloud mail is an email app for the nextcloud home server platform. In versions prior to 2.2.2 user's passwords were stored in cleartext…