Every CVE whose affected-product data names Nextcloud Talk, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2020-8180 — CVSS 9.9 (critical): A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a code injection when a not correctly sanitized talk command was added by…
CVE-2021-32689 — CVSS 8.1 (high): Nextcloud Talk is a fully on-premises audio/video and chat communication service. In versions prior to 11.2.2, if a user was able to reuse…
CVE-2023-39957 — CVSS 7.8 (high): Nextcloud Talk Android allows users to place video and audio calls through Nextcloud on Android. Prior to version 17.0.0, an unprotected…
CVE-2021-32676 — CVSS 6.5 (medium): Nextcloud Talk is a fully on-premises audio/video and chat communication service. Password protected shared chats in Talk before version…
CVE-2021-39222 — CVSS 6.4 (medium): Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud Talk application was vulnerable to a stored Cross-Site…
CVE-2018-3781 — CVSS 5.4 (medium): A missing sanitization of search results for an autocomplete field in NextCloud Talk <3.2.5 could lead to a stored XSS requiring…
CVE-2019-15619 — CVSS 4.8 (medium): Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud…
CVE-2021-41180 — CVSS 4.7 (medium): Nextcloud talk is a self hosting messaging service. In versions prior 12.1.2 an attacker is able to control the link of a geolocation…
CVE-2023-45149 — CVSS 4.3 (medium): Nextcloud talk is a chat module for the Nextcloud server platform. In affected versions brute force protection of public talk conversation…
CVE-2022-24887 — CVSS 4.3 (medium): Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform. Prior to versions 11.3.4, 12.2.2…
CVE-2022-39212 — CVSS 4.3 (medium): Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. In affected versions an attacker could see…
CVE-2025-66556 — CVSS 3.5 (low): Nextcloud talk is a video & audio conferencing app for Nextcloud. Prior to 20.1.8 and 21.1.2, a participant with chat permissions was able…
CVE-2022-35932 — CVSS 3.5 (low): Nextcloud Talk is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.7, 13.0.7, and 14.0.3, password protected…
CVE-2023-28845 — CVSS 3.5 (low): Nextcloud talk is a video & audio conferencing app for Nextcloud. In affected versions the talk app does not properly filter access to a…
CVE-2023-30540 — CVSS 3.5 (low): Nextcloud Talk is a chat, video & audio call extension for Nextcloud. In affected versions a user that was added later to a conversation…
CVE-2022-41926 — CVSS 3.3 (low): Nextcould talk android is the android OS implementation of the nextcloud talk chat system. In affected versions the receiver is not…
CVE-2019-15620 — CVSS 2.7 (low): Improper access control in Nextcloud Talk 6.0.3 leaks the existance and the name of private conversations when linked them to another…
CVE-2021-41181 — CVSS 2.4 (low): Nextcloud talk is a self hosting messaging service. In versions prior to 12.3.0 the Nextcloud Android Talk application did not properly…
CVE-2022-24890 — CVSS 2.4 (low): Nextcloud Talk is a video and audio conferencing app for Nextcloud. In versions prior to 13.0.5 and 14.0.0, a call moderator can indirectly…
CVE-2023-22473 — CVSS 2.1 (low): Talk-Android enables users to have video & audio calls through Nextcloud on Android. Due to passcode bypass, an attacker is able to access…