CVE-2025-66551 | THREATINT

Description

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.6 and 0.9.3, a malicious user was able to create their own table and then move a column to a victims table. This vulnerability is fixed in 0.8.6 and 0.9.3.

PUBLISHED Reserved 2025-12-04 | Published 2025-12-05 | Updated 2025-12-05 | Assigner GitHub_M

MEDIUM: 6.3CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L

Problem types

CWE-639: Authorization Bypass Through User-Controlled Key

Product status

>= 0.9.0-beta.1, < 0.9.3

affected

< 0.8.6

affected

References

github.com/...sories/security/advisories/GHSA-w787-vwqp-8wr7

github.com/nextcloud/tables/pull/1810

github.com/...ommit/39f24a62fb41fd7a8bda65325f8bbafdc91c731c

hackerone.com/reports/3137895

cve.org (CVE-2025-66551)

nvd.nist.gov (CVE-2025-66551)