Nextcloud · Nextcloud · CVE-2026-45278
**Name of the Vulnerable Software and Affected Versions**
Nextcloud versions 6.1.0 through 8.2.1
**Description**
An attacker can craft malicious links that redirect users to an external website when the victim attempts to log in using OpenID Connect (OIDC), a protocol used for authentication.
**Recommendations**
Update to version 8.2.2.