A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended. Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Nextcloud
Information Disclosure
Nextcloud Server
NVD
CVSS 3.1
2.2
EPSS
0.4%