Nextcloud Calendar 6.0.0 Release Candidate 5
Approved changes feed: RSS · Atom
cpe:2.3:a:nextcloud:calendar:6.0.0:rc5:*:*:*:*:*:*
part: a version: 6.0.0 update: rc5
| Vendor | Nextcloud (e5ae4298-6932-564f-a40d-08cebea039a5) |
|---|---|
| Product | Calendar (319c0b6e-da99-5681-8a21-629c2ea044cb) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/nextcloud/calendar |
purl2cpe | 2026-06-01 10:17:59.585965 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-66546 |
vulnerable | 2026-06-03 15:11:00.777326 |
Nextcloud Calendar app allowed booking appointments without the generated token
LOW (3.3)
Nextcloud Calendar is a calendar app for Nextcloud. Prior to 4.7.19, 5.5.6, and 6.0.1, the calendar app allowed blindly booking appointments with a squential ID without known the appointment token. This vulnerability is fixed in 4.7.19, 5.5.6, and 6.0.1.
Published: 2025-12-05T16:49:46.553Z
Updated: 2025-12-05T18:32:44.271Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.