Is Nextcloud affected by EUVD-2026-14563?

CVE-2026-32012 presents moderate security risk rated CVSS 4.8. Exploitation could compromise the security of affected deployments. A patch is available and should be applied during regular vulnerability management.

EUVD-2026-14563

| CVE-2026-32012 MEDIUM

2026-03-23 VulnCheck

GHSA-ffxm-98hg-x985

4.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

Low

Lifecycle Timeline

EUVD ID Assigned

Mar 23, 2026 - 22:00 euvd

EUVD-2026-14563

Analysis Generated

Mar 23, 2026 - 22:00 vuln.today

Patch Released

Mar 23, 2026 - 22:00 nvd

Patch available

CVE Published

Mar 23, 2026 - 21:36 nvd

MEDIUM 4.8

Description

OpenClaw before 2026.2.25 lacks durable replay state for Nextcloud Talk webhook events, allowing valid signed requests to be replayed. Attackers can capture and replay previously valid signed webhook requests to trigger duplicate inbound processing and cause integrity or availability issues.

Analysis

OpenClaw before version 2026.2.25 fails to implement durable replay state validation for Nextcloud Talk webhook events, allowing attackers to capture and replay previously valid signed webhook requests to cause duplicate processing. This affects all versions of OpenClaw prior to the patched release, and an attacker with network access can exploit this vulnerability without authentication or user interaction to trigger integrity and availability impacts such as duplicate message processing or resource exhaustion.

Remediation

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Vendor patch is available.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +24

POC: 0

EUVD-2026-14563 vulnerability details – vuln.today

Back

EUVD-2026-14563

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-14563

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code