Browse all 6 CVE security advisories affecting Matrix. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Matrix is an open-source communication protocol and ecosystem for decentralized real-time messaging, serving as a core infrastructure for secure collaboration across various applications. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and access control issues. The protocol's federated architecture introduces unique security considerations, with notable incidents including authentication bypass flaws in reference implementations. While no major breaches have been widely documented, the project's CVE history reflects ongoing challenges in securing its complex, extensible framework against both traditional web vulnerabilities and protocol-specific threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-49090 | Matrix 安全漏洞 — Matrix specificationCWE-642 | 7.1 | High | 2025-10-02 |
| CVE-2025-54315 | Matrix 安全漏洞 — Matrix specificationCWE-837 | 7.1 | High | 2025-10-02 |
This page lists every published CVE security advisory associated with Matrix. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.