matrix-org Summary
Latest vulnerabilities published by matrix-org
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Denial-of-Service Vulnerability in Matrix SDK Base Component
CVE-2025-66622Matrix-orgMatrix-rust-sdk1.3LOWInsufficient Validation Vulnerability in Matrix JavaScript SDK by Matrix
CVE-2025-59160Matrix-orgMatrix-js-sdk2.7LOWVulnerability in Matrix Client Library Affects matrix-sdk-base Component
CVE-2025-59047Matrix-orgMatrix-rust-sdk2.7LOWSQL Injection Vulnerability in Matrix Rust SDK by Matrix.org
CVE-2025-53549Matrix-orgMatrix-rust-sdk5.2MEDIUMMatrix SDK Vulnerability in Rust Implementation Affects Data Integrity
CVE-2025-48937Matrix-orgMatrix-rust-sdk4.9MEDIUMStored Cross-Site Scripting Vulnerability in Pinecone by Matrix.org
CVE-2025-27155Matrix-orgPinecone6.1MEDIUMArbitrary Command Execution Vulnerability in Matrix-IRC Bridge by Matrix
CVE-2025-27146Matrix-orgMatrix-appservice-irc4.3MEDIUMDenial of Service Vulnerability in matrix-hookshot for GitHub Integration
CVE-2025-23197Matrix-orgMatrix-hookshot6.5MEDIUMModeration Tool Vulnerability in Mjolnir by Matrix
CVE-2025-24024Matrix-orgMjolnir9.1CRITICALServer-Side Request Forgery Vulnerability in Gomatrixserverlib Library by Matrix Org
CVE-2024-52594Matrix-orgGomatrixserverlib4.3MEDIUMClient-Side Path Traversal Vulnerability in Matrix JS SDK by Matrix
CVE-2024-50336Matrix-orgMatrix-js-sdk5.3MEDIUMMatrix-react-sdk vulnerability allows homeserver to steal message keys for a room
CVE-2024-47824Matrix-orgMatrix-react-sdkVulnerability in matrix-js-sdk Could Allow Interception of Historical Message Keys
CVE-2024-47080Matrix-orgMatrix-js-sdkCycle Vulnerability in Matrix JavaScript SDK Affects Messaging Client
CVE-2024-42369Matrix-orgMatrix-js-sdk5.3MEDIUMIdentity Verification Vulnerability in matrix-rust-sdk Could Lead to Manipulation of Sensitive Operations
CVE-2024-40648Matrix-orgMatrix-rust-sdk5.4MEDIUMBase64 Time-Dependent Leakage Vulnerability Affects vodozemac's Open-Source Cryptographic Library
CVE-2024-40640Matrix-orgVodozemac2.9LOWMatrix Appservice-IRC Fixes Timestamp Vulnerability
CVE-2024-39691Matrix-orgMatrix-appservice-irc4.3MEDIUMLogging of Private Backup Key in Matrix Rust SDK Version 0.7.0
CVE-2024-34353Matrix-orgMatrix-sdk-crypto5.5MEDIUMIRC Bridge Vulnerability Leaks Message Content
CVE-2024-32000Matrix-orgMatrix-appservice-irc4.3MEDIUMSynapse vulnerable to leak of remote user device information
CVE-2023-43796Matrix-orgSynapse5.3MEDIUMmatrix-synapse vulnerable to denial of service due to malicious server ACL events
CVE-2023-45129Matrix-orgSynapse4.9MEDIUMSandbox escape for instances that have enabled transformation functions in matrix-hookshot
CVE-2023-43656Matrix-orgMatrix-hookshot5.6MEDIUMTemporary storage of plaintext passwords during password changes in matrix synapse
CVE-2023-41335Matrix-orgSynapse3.7LOWImproper validation of receipts allows forged read receipts in matrix synapse
CVE-2023-42453Matrix-orgSynapse3.1LOWmatrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms
CVE-2023-38700Matrix-orgMatrix-appservice-irc3.5LOW