Nextcloud ↗
Nextcloud · CMS
100/100 Healthy
Summary iPlain-English security verdict for Nextcloud, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.
Nextcloud currently scores 100/100 — healthy. No tracked vulnerabilities are currently known to be exploited in the wild. The latest supported release is 34.0.0. It's on the latest patch with no significant known issues — keep it current.
Disclosure trend iNew CVEs published for Nextcloud each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.
'19
'20
'21
'22
'23
'24
'25
'26
Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.
Most urgent first — actively exploited, then likeliest to be exploited.
CVE-2019-5454 CRITICAL SQL injection EPSS 0% → see advisoryVersions & lifecycle iWhen each release line stops receiving security patches (end-of-life). After EOL there are no more fixes — plan upgrades before these dates.
How long each Nextcloud release line is supported — and when it sunsets.
34 latest 34.0.0 Supported until 2027-06-30
33 latest 33.0.5 Supported until 2027-02-28
32 latest 32.0.11 Supported until 2026-09-30
31 latest 31.0.14 End of life ended 2026-02-28
30 latest 30.0.17 End of life ended 2025-10-31
29 latest 29.0.16 End of life ended 2025-04-30
28 latest 28.0.14 End of life ended 2024-12-31
27 latest 27.1.11 End of life ended 2024-06-30
26 latest 26.0.13 End of life ended 2024-03-31
25 latest 25.0.13 End of life ended 2023-10-31
See all upcoming end-of-life dates →