CVE-2026-45722: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in nextcloud security-advisories
Nextcloud is an open source content collaboration platform. From versions 0.9.0 to before 0.9.7, and 1.0.0 to before 1.0.2, a missing sanitization in the Tables app allowed a user with access to the tables app to perform a limited SQL injection in the ORDER BY statement of a query. Compared to normal SQL injections, the ORDER BY is limited to extracting a single bit of information per request or to make the database wait for a given time. This issue has been patched in versions 0.9.7 and 1.0.2.
AI Analysis
Technical Summary
Nextcloud's Tables app versions 0.9.0 to <0.9.7 and 1.0.0 to <1.0.2 contain a SQL injection vulnerability due to missing sanitization in the ORDER BY statement of a query. This vulnerability allows an authenticated user with access to the Tables app to perform a limited SQL injection attack, which can extract a single bit of information per request or cause the database to delay responses. The issue is fixed in versions 0.9.7 and 1.0.2.
Potential Impact
Successful exploitation can lead to unauthorized disclosure of information from the database by extracting bits of data through the ORDER BY clause. The vulnerability does not allow modification of data (integrity impact is none) but can cause limited denial of service by making the database wait. The CVSS vector indicates high confidentiality impact, low attack complexity, and requires privileges (user access to the Tables app). No known exploits have been reported in the wild.
Mitigation Recommendations
Upgrade Nextcloud Tables app to version 0.9.7 or later, or 1.0.2 or later, where the vulnerability is patched. Since this is an application-level vulnerability, applying these official fixes is the recommended remediation. Patch status is confirmed by the vendor advisory stating the issue is fixed in these versions.
CVE-2026-45722: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in nextcloud security-advisories
Description
Nextcloud is an open source content collaboration platform. From versions 0.9.0 to before 0.9.7, and 1.0.0 to before 1.0.2, a missing sanitization in the Tables app allowed a user with access to the tables app to perform a limited SQL injection in the ORDER BY statement of a query. Compared to normal SQL injections, the ORDER BY is limited to extracting a single bit of information per request or to make the database wait for a given time. This issue has been patched in versions 0.9.7 and 1.0.2.
CVSS v3.1
Score 7.1high
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Nextcloud's Tables app versions 0.9.0 to <0.9.7 and 1.0.0 to <1.0.2 contain a SQL injection vulnerability due to missing sanitization in the ORDER BY statement of a query. This vulnerability allows an authenticated user with access to the Tables app to perform a limited SQL injection attack, which can extract a single bit of information per request or cause the database to delay responses. The issue is fixed in versions 0.9.7 and 1.0.2.
Potential Impact
Successful exploitation can lead to unauthorized disclosure of information from the database by extracting bits of data through the ORDER BY clause. The vulnerability does not allow modification of data (integrity impact is none) but can cause limited denial of service by making the database wait. The CVSS vector indicates high confidentiality impact, low attack complexity, and requires privileges (user access to the Tables app). No known exploits have been reported in the wild.
Mitigation Recommendations
Upgrade Nextcloud Tables app to version 0.9.7 or later, or 1.0.2 or later, where the vulnerability is patched. Since this is an application-level vulnerability, applying these official fixes is the recommended remediation. Patch status is confirmed by the vendor advisory stating the issue is fixed in these versions.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-13T05:51:48.666Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a1de30be29bf47b503a570d
Added to database: 6/1/2026, 7:52:43 PM
Last enriched: 6/1/2026, 7:55:17 PM
Last updated: 6/2/2026, 5:06:08 AM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.