Important Security Notice: Nextcloud Update Required!

[MickLesk]

Background

The Federal Office for Information Security (BSI) (Germany) has conducted a security analysis of the open-source collaboration software Nextcloud as part of the "Code Analysis of Open Source Software" (CAOS 3.0) project. Several vulnerabilities have been identified and promptly addressed.

📌 Affected Components:

• Nextcloud Core
• Extensions:
  • "Two-Factor Admin Support"
  • "Two-Factor Email"
  • "Two-Factor TOTP Provider"
  • "Two-Factor Webauthn"

Required Actions

Since vulnerabilities are often exploited as entry points for cyberattacks, we strongly recommend that all users:

✔ Update Nextcloud to the latest version
✔ Check installed two-factor authentication plugins and verify updates
✔ Perform regular security updates

Further Information

The full analysis results have been published on the BSI website:
🔗 [BSI Security Notice on Nextcloud](https://www.bsi.bund.de/DE/Service-Navi/Presse/Alle-Meldungen-News/Meldungen/Projekt-CAOS-30_Nextcloud_250205.html)

Stay safe and ensure your systems are always up to date! 🔒