PT-2025-42498 · Nextcloud · Nextcloud Tables

Published

2025-10-16

Updated

2025-10-16

CVE-2025-58051

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Nextcloud Tables versions prior to 0.7.6 Nextcloud Tables versions prior to 0.8.8 Nextcloud Tables versions prior to 0.9.5

Description Nextcloud Tables allows users to create tables with custom columns. Prior to versions 0.7.6, 0.8.8, and 0.9.5, importing a table allowed a user to specify files on the server. If these files were in a format supported by the PhpSpreadsheet library, their content could be exposed to the user.

Recommendations Upgrade Nextcloud Tables to version 0.7.6 or later. Upgrade Nextcloud Tables to version 0.8.8 or later. Upgrade Nextcloud Tables to version 0.9.5 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-841

Related Identifiers

CVE-2025-58051

GHSA-WPP5-4W35-PXQ6

Affected Products

Nextcloud Tables

PT-2025-42498 · Nextcloud · Nextcloud Tables

CVE-2025-58051

Weakness Enumeration

Related Identifiers

Affected Products

References · 8