I’m guessing this has naught to do with Nextcloud—looks like CVE-2023-49103 is an issue with an ownCloud plugin called “graphapi”, and I don’t even see that one in the Nextcloud app store. Just wanted to check and make sure.
There is also an official statement: