A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended. References: https://hackerone.com/reports/852841 https://nextcloud.com/security/advisory/?id=NC-SA-2020-023
Fixed in 18.0.5+ which has been in the repos for a while.