Vulnerability Database

310,469

Total vulnerabilities in the database

CVE-2025-66553

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.7 and 0.9.4, authenticated users were able to view meta data of columns in other tables of the Tables app by modifying the numeric ID in a request. This vulnerability is fixed in 0.8.7 and 0.9.4.

Published: Dec 5, 2025
Updated: Dec 6, 2025
CVE: CVE-2025-66553
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-639

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

No affected software listed.

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-p53h-6294-crjw
https://github.com/nextcloud/tables/commit/e975f5bfedb6922f04cdd236cde4e26067fe064e
https://github.com/nextcloud/tables/pull/1891
https://hackerone.com/reports/3138721

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo