CVE-2026-45156 | Nextcloud User OIDC up to 3.0.x/5.0.x/6.3.x ID4me improper authentication (GHSA-qqgv-fqwp-mjpp)

A vulnerability identified as critical has been detected in Nextcloud User OIDC up to 3.0.x/5.0.x/6.3.x. Impacted is an unknown function of the component ID4me Handler. The manipulation leads to improper authentication.

This vulnerability is documented as CVE-2026-45156. The attack can be initiated remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More