diff --git a/lib/private/Files/Utils/Scanner.php b/lib/private/Files/Utils/Scanner.php
index 40201d10b9925..9a3228e6475f1 100644
--- a/lib/private/Files/Utils/Scanner.php
+++ b/lib/private/Files/Utils/Scanner.php
@@ -85,7 +85,7 @@ public function __construct($user, $db, IEventDispatcher $dispatcher, LoggerInte
 	 * get all storages for $dir
 	 *
 	 * @param string $dir
-	 * @return \OC\Files\Mount\MountPoint[]
+	 * @return array<string, \OC\Files\Mount\MountPoint>
 	 */
 	protected function getMounts($dir) {
 		//TODO: move to the node based fileapi once that's done
@@ -96,8 +96,9 @@ protected function getMounts($dir) {
 		$mounts = $mountManager->findIn($dir);
 		$mounts[] = $mountManager->find($dir);
 		$mounts = array_reverse($mounts); //start with the mount of $dir
+		$mountPoints = array_map(fn ($mount) => $mount->getMountPoint(), $mounts);
 
-		return $mounts;
+		return array_combine($mountPoints, $mounts);
 	}
 
 	/**
@@ -210,6 +211,9 @@ public function scan($dir = '', $recursive = \OC\Files\Cache\Scanner::SCAN_RECUR
 							$owner = $owner['name'] ?? $ownerUid;
 							$permissions = decoct(fileperms($fullPath));
 							throw new ForbiddenException("User folder $fullPath is not writable, folders is owned by $owner and has mode $permissions");
+						} elseif (isset($mounts[$mount->getMountPoint() . $path . '/'])) {
+							// /<user>/files is overwritten by a mountpoint, so this check is irrelevant
+							break;
 						} else {
 							// if the root exists in neither the cache nor the storage the user isn't setup yet
 							break 2;