nextcloud-client is vulnerable to Missing Encryption of Sensitive Data. The vulnerability is caused due to a Lack of authenticity of metadata keys allowing a malicious server to gain access to E2EE folders resulting in it being able to decrypt files, recover the folder structure and add new files.