Nextcloud Notes
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Nextcloud Notes.
By the Year
In 2026 there have been 0 vulnerabilities in Nextcloud Notes. Notes did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 4.60 |
| 2023 | 1 | 6.10 |
It may take a day or so for new Notes vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Nextcloud Notes Security Vulnerabilities
Nextcloud Notes 4.9.2: Shared Notes/ Folder Enables Personal Note Storage
CVE-2024-37317
4.6 - Medium
- June 14, 2024
The Nextcloud Notes app is a distraction free notes taking app for Nextcloud. If an attacker managed to share a folder called `Notes/` with a newly created user before they logged in, the Notes app would use that folder store the personal notes. It is recommended that the Nextcloud Notes app is upgraded to 4.9.3.
AuthZ
NextCloud Notes HTML Preview XSS 4.4.0-4.7.99
CVE-2023-39955
6.1 - Medium
- August 10, 2023
Notes is a note-taking app for Nextcloud, an open-source cloud platform. Starting in version 4.4.0 and prior to version 4.8.0, when creating a note file with HTML, the content is rendered in the preview instead of the file being offered to download. Nextcloud Notes app version 4.8.0 contains a patch for the issue. No known workarounds are available.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Nextcloud Notes or by Nextcloud? Click the Watch button to subscribe.
