Nextcloud GmbH
Nextcloud Server
See the latest tracked release, confirm when it was published, and subscribe for update emails.
33.0.5
- Release date
- June 02, 2026
- Security status
- 1 high-severity CVE tracked in the last 90 days. Current version impact is unclear.
Source
GitHub API
Public release notes are linked for the latest stored release.
Release history
See the latest published releases stored for this product.
| Version | Published | Notes |
|---|---|---|
| 33.0.5 | 2026-06-02 | Release Notes |
| 33.0.4 | 2026-05-28 | Release Notes |
| 33.0.3 | 2026-04-30 | Release Notes |
| 33.0.2 | 2026-04-02 | Release Notes |
| 33.0.1 | 2026-03-26 | Release Notes |
Vulnerability tracking
versionPing monitors CVEs for this product. Matching CVEs are listed below. We only display CVEs with a CVSS score of 7.0 or higher that were published within the last 90 days.
Affected status is inferred from published affected version ranges where available. Always verify against the vendor advisory before making production decisions.
| CVE | Severity | Published | Status | Summary |
|---|---|---|---|---|
| CVE-2026-45281 | HIGH (8.1) | 2026-06-01 | Current versionunclear | Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, with the knowledge of other users’ principal URL an attacker could possibly send a request to gain full access to their calendar. Therefore, the attacker must be an authenticated user. This is because of improper authorization controls in the backend of the calendar. If the attacker had access to the calendar, they would be able to view and modify it. It is recommended that the Nextcloud Server is upgraded to 33.0.3 or 32.0.9. It is recommended that the Nextcloud Enterprise Server is upgraded to 33.0.3, 32.0.9, 31.0.14.5, 30.0.17.9, 29.0.16.16, 28.0.14.17, 27.1.11.26, 26.0.13.26, 25.0.13.29, 24.0.12.34, 23.0.12.35, 22.2.10.39, or 21.0.9.23 Affected versions
Show 11 more
|