Nextcloud Two-factor Webauthn — known CVE vulnerabilities
Every CVE whose affected-product data names Nextcloud Two-factor Webauthn, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2025-66558 — CVSS 3.1 (low): Nextcloud Twofactor WebAuthn is the WebAuthn Two-Factor Provider for Nextcloud. Prior to 1.4.2 and 2.4.1, a missing ownership check allowed…