Vulnerabilities

CVE-2025-64011 - Nextcloud Server IDOR

2025-12-12 0 views admin
CVE-2025-64011 - Nextcloud Server IDOR

CVE ID : CVE-2025-64011 Published : Dec. 12, 2025, 5:15 p.m. | 44 minutes ago Description : Nextcloud Server 30.0.0 is vulnerable to an Insecure Direct Object Reference (IDOR) in the /core/preview endpoint. Any authenticated user can access previews of arbitrary files belonging to other users by manipulating the fileId parameter. This allows unauthorized disclosure of sensitive data, such as text files or images, without prior sharing permissions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

Published
Dec. 12, 2025

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-64011

More from Vulnerabilities

CVE-2025-14672 - gmg137 snap7-rs s7_micro_client.cpp opWriteArea heap-based overflow

CVE-2025-14672 - gmg137 snap7-rs s7_micro_client.cpp opWriteArea heap-based overflow

2025-12-14 0
CVE-2025-14674 - aizuda snail-job QLExpressEngine.java QLExpressEngine.doEval injection

CVE-2025-14674 - aizuda snail-job QLExpressEngine.java QLExpressEngine.doEval injection

2025-12-14 0
CVE-2025-14673 - gmg137 snap7-rs client.rs as_ct_write heap-based overflow

CVE-2025-14673 - gmg137 snap7-rs client.rs as_ct_write heap-based overflow

2025-12-14 0
CVE-2025-14665 - Tenda WH450 HTTP Request DhcpListClient stack-based overflow

CVE-2025-14665 - Tenda WH450 HTTP Request DhcpListClient stack-based overflow

2025-12-14 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views