Known Vulnerabilities for Approval by Nextcloud
Listed below are 2 of the newest known vulnerabilities associated with "Approval" by "Nextcloud".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-58448 json | yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated use... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-58424 json | Permanent Fork PR Workflow Approval Gate Bypass | Not Provided | 2026-07-03 | 2026-07-06 |
| CVE-2026-58370 json | Woodpecker before 3.15.0 matches the ApprovalAllowedUsers bypass list against pipeline.Author. For the GitLab forge driver, p... | Not Provided | 2026-06-30 | 2026-07-02 |
| CVE-2026-58176 json | RuoYi-Vue-Plus through 5.6.2, fixed in commit 88d03d9, exposes workflow task management endpoints under /workflow/task (FlwTa... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-56694 json | NanoClaw before 2.1.0 contains a privilege escalation vulnerability in the channel-registration approval flow where handleCha... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-56402 json | NanoClaw before 2.1.17 contains a privilege escalation vulnerability in the handleApprovalsResponse function that fails to ve... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-56075 json | PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI modules hardcode approval_m... | Not Provided | 2026-06-18 | 2026-06-22 |
| CVE-2026-56074 json | PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent e... | Not Provided | 2026-06-18 | 2026-06-22 |
| CVE-2026-55487 json | pnpm is a package manager. Prior to 10.34.2 and 11.5.3, the generic peer-suffix normalizer also stripped parenthesized text f... | Not Provided | 2026-06-25 | 2026-06-25 |
| CVE-2026-53866 json | OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command parsing that allows authenticate... | Not Provided | 2026-06-16 | 2026-06-18 |