Primary

Context

Nextcloud Files App PIN Bypass Vulnerability on Android

Vulnerability

Patched

A vulnerability in the Nextcloud Files app for Android, versions 33.0.0 prior to 33.1.0, allows users to bypass the app's PIN code lock. After unlocking a locked Android phone, the back button could be used to navigate past the PIN prompt, potentially exposing sensitive files or information.

Impact

Exploiting this vulnerability allows for unauthorized access to the Nextcloud Files app, bypassing the PIN lock and potentially leading to exposure of sensitive files or information.

Remediation

Users are advised to update the Nextcloud Android Files app to version 33.1.0, where this vulnerability has been patched.

Added: Jun 1, 2026, 5:31 PM

Updated: Jun 1, 2026, 5:31 PM

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

0.6

exploitability

3.8

remediation

7.7

relevance

9.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

0.6

exploitability

3.8

remediation

7.7

relevance

9.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Nextcloud Files App PIN Bypass Vulnerability on Android

Vulnerability

Impact

Remediation

Affected Products

Nextcloud

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating