Nextcloud Talk

20 CVEs affecting Nextcloud Talk. Latest disclosed: 2025-12-05. Critical: 1, High: 2.

Top CVEs affecting Nextcloud Talk
CVESeverityScorePublishedSummary
CVE-2020-8180Critical9.92020-06-08A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a code injection when a not correctly sanitized talk command was added by an administrator.
CVE-2021-32689High8.12021-07-12Nextcloud Talk is a fully on-premises audio/video and chat communication service. In versions prior to 11.2.2, if a user was able to reuse an earlier used user…
CVE-2023-39957High7.82023-08-10Nextcloud Talk Android allows users to place video and audio calls through Nextcloud on Android. Prior to version 17.0.0, an unprotected intend allowed malicio…
CVE-2021-32676Medium6.52021-06-16Nextcloud Talk is a fully on-premises audio/video and chat communication service. Password protected shared chats in Talk before version 9.0.10, 10.0.8 and 11…
CVE-2021-39222Medium6.42021-11-15Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud Talk application was vulnerable to a stored Cross-Site Scripting (XSS) vulnerabil…
CVE-2018-3781Medium5.42018-08-13A missing sanitization of search results for an autocomplete field in NextCloud Talk <3.2.5 could lead to a stored XSS requiring user-interaction. The missing…
CVE-2019-15619Medium4.82020-02-04Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an X…
CVE-2021-41180Medium4.72022-03-08Nextcloud talk is a self hosting messaging service. In versions prior 12.1.2 an attacker is able to control the link of a geolocation preview in the Nextcloud…
CVE-2023-45149Medium4.32023-10-16Nextcloud talk is a chat module for the Nextcloud server platform. In affected versions brute force protection of public talk conversation passwords can be byp…
CVE-2022-39212Medium4.32022-09-17Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. In affected versions an attacker could see the last video frame o…
CVE-2022-24887Medium4.32022-04-27Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform. Prior to versions 11.3.4, 12.2.2, and 13.0.0, when sha…
CVE-2025-66556Low3.52025-12-05Nextcloud talk is a video & audio conferencing app for Nextcloud. Prior to 20.1.8 and 21.1.2, a participant with chat permissions was able to delete poll draft…
CVE-2023-30540Low3.52023-04-17Nextcloud Talk is a chat, video & audio call extension for Nextcloud. In affected versions a user that was added later to a conversation can use this informati…
CVE-2023-28845Low3.52023-03-31Nextcloud talk is a video & audio conferencing app for Nextcloud. In affected versions the talk app does not properly filter access to a conversations member l…
CVE-2022-35932Low3.52022-08-12Nextcloud Talk is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.7, 13.0.7, and 14.0.3, password protected conversations are suscepti…
CVE-2022-41926Low3.32022-11-25Nextcould talk android is the android OS implementation of the nextcloud talk chat system. In affected versions the receiver is not protected by broadcastPermi…
CVE-2019-15620Low2.72020-02-04Improper access control in Nextcloud Talk 6.0.3 leaks the existance and the name of private conversations when linked them to another shared item via the proje…
CVE-2022-24890Low2.42022-05-17Nextcloud Talk is a video and audio conferencing app for Nextcloud. In versions prior to 13.0.5 and 14.0.0, a call moderator can indirectly enable user webcams…
CVE-2021-41181Low2.42022-03-08Nextcloud talk is a self hosting messaging service. In versions prior to 12.3.0 the Nextcloud Android Talk application did not properly detect the lockscreen s…
CVE-2023-22473Low2.12023-01-09Talk-Android enables users to have video & audio calls through Nextcloud on Android. Due to passcode bypass, an attacker is able to access the user's Nextcloud…