Nextcloud Flow
2 CVEs affecting Nextcloud Flow. Latest disclosed: 2026-04-07. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-23696 | Critical | 9.9 | 2026-04-07 | Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vulnerability in the folder ownership management functionality that allows authent… |
CVE-2026-22683 | High | 8.8 | 2026-04-07 | Windmill versions 1.56.0 through 1.614.0 contain a missing authorization vulnerability that allows users with the Operator role to perform prohibited entity cr… |