CVE-2025-47794 Information

Description

Nextcloud Server is a self-hosted personal cloud system. In Nextcloud Server prior to 29.0.13, 30.0.7, and 31.0.1, and Nextcloud Enterprise Server prior to 26.0.13.13, 27.1.11.13, 28.0.14.4, 29.0.13, 30.0.7, and 31.0.1, an attacker on a multi-user system may read temporary files from Nextcloud running with a different user account, or run a symlink attack. Nextcloud Server versions 29.0.13, 30.0.7, and 31.0.1 and Nextcloud Enterprise Server versions 26.0.13.13, 27.1.11.13, 28.0.14.4, 29.0.13, 30.0.7, and 31.0.1 fix the issue. No known workarounds are available.

Reference

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-q568-2933-gcjq
https://github.com/nextcloud/server/pull/51194
https://hackerone.com/reports/1960647
