
matrix-org — Vulnerabilities & Security Advisories (80)

Browse all 80 CVE security advisories affecting matrix-org. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Matrix.org operates the open-source Matrix protocol, a decentralized communication standard enabling real-time chat, VoIP, and collaboration across federated servers. This architecture allows users to choose their own homeservers while maintaining interoperability with other platforms. Historically, vulnerabilities within the reference implementation and related components have frequently involved server-side request forgery, cross-site scripting, and improper access controls. These flaws often stem from complex federation logic or insufficient input validation in web interfaces. Notable incidents include critical privilege escalation bugs that allowed unauthenticated attackers to execute arbitrary code or access private user data. The project’s reliance on a large ecosystem of third-party clients and bridges introduces additional attack surfaces, requiring rigorous security audits. While the protocol itself emphasizes end-to-end encryption, implementation errors in the core server software have repeatedly exposed sensitive information, highlighting the challenges of securing decentralized infrastructure.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-66622 | matrix-sdk-base is vulnerable to DoS via custom m.room.join_rules event values | matrix-rust-sdk | CWE-755 | 7.5 (AI) | High (AI) | 2025-12-09 |
| CVE-2025-59160 | matrix-js-sdk has insufficient validation when considering a room to be upgraded by another | matrix-js-sdk | CWE-345 | 7.5 (AI) | High (AI) | 2025-09-16 |
| CVE-2025-59047 | matrix-sdk-base has panic in the `RoomMember::normalized_power_level()` method | matrix-rust-sdk | CWE-682 | 7.5 (AI) | High (AI) | 2025-09-11 |
| CVE-2025-53549 | Matrix Rust SDK allows SQL injection in the EventCache implementation | matrix-rust-sdk | CWE-89 | 8.8 (AI) | High (AI) | 2025-07-10 |
| CVE-2025-48937 | matrix-sdk-crypto vulnerable to sender of encrypted events being spoofed by homeserver administrator | matrix-rust-sdk | CWE-290 | 4.9 | Medium | 2025-06-10 |
| CVE-2025-27155 | In-memory stored Cross-site scripting (XSS) vulnerability in pineconesim | pinecone | CWE-79 | 6.1 | Medium | 2025-03-04 |
| CVE-2025-27146 | Matrix IRC Bridge allows IRC command injection to own puppeted user | matrix-appservice-irc | CWE-77 | 2.7 | Low | 2025-02-25 |
| CVE-2025-23197 | matrix-hookshot has a Potential Denial of Service when Hookshot is configured with GitHub support | matrix-hookshot | CWE-754 | 6.5 | Medium | 2025-01-27 |
| CVE-2025-24024 | Mjolnir v1.9.0 accepts commands from any room | mjolnir | CWE-671 | 9.1 | Critical | 2025-01-21 |
| CVE-2024-52594 | Server-Side Request Forgery (SSRF) on redirects and federation in gomatrixserverlib | gomatrixserverlib | CWE-918 | 4.3 | Medium | 2025-01-16 |
| CVE-2024-52813 | matrix-sdk-crypto missing facility to signal rotation of a verified cryptographic identity | matrix-rust-sdk | CWE-223 | 4.3 | Medium | 2025-01-07 |
| CVE-2024-52505 | matrix-appservice-irc allows IRC Command injection in provisioning API | matrix-appservice-irc | CWE-147 | 5.4 | Medium | 2024-11-14 |
| CVE-2024-50336 | matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal | matrix-js-sdk | CWE-22 | 7.1 (AI) | High (AI) | 2024-11-12 |
| CVE-2024-47824 | Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room | matrix-react-sdk | CWE-200 | 6.5 | - | 2024-10-15 |
| CVE-2024-47080 | matrix-js-sdk keys sent via `sendSharedHistoryKeys` vulnerable to interception by malicious homeserver | matrix-js-sdk | CWE-200 | 7.5 | - | 2024-10-15 |
| CVE-2024-42369 | A room with itself as a its predecessor will freeze matrix-js-sdk | matrix-js-sdk | CWE-674 | 4.1 | Medium | 2024-08-20 |
| CVE-2024-42347 | URL preview setting for a room is controllable by the homeserver in matrix-react-sdk | matrix-react-sdk | CWE-359 | 7.7 | High | 2024-08-06 |
| CVE-2024-40648 | `UserIdentity::is_verified` not checking verification status of own user identity while performing the check in matrix-rust-sdk | matrix-rust-sdk | CWE-287 | 5.4 | Medium | 2024-07-18 |
| CVE-2024-40640 | Usage of non-constant time base64 decoder could lead to leakage of secret key material in vodozemac | vodozemac | CWE-208 | 2.9 | Low | 2024-07-17 |
| CVE-2024-39691 | Malicious Matrix homeserver can leak truncated message content of messages it shouldn't have access to | matrix-appservice-irc | CWE-280 | 4.3 | Medium | 2024-07-05 |
| CVE-2024-34353 | matrix-sdk-crypto contains a log exposure of private key of the server-side key backup | matrix-sdk-crypto | CWE-532 | 5.5 | Medium | 2024-05-13 |
| CVE-2024-34063 | Degraded secret zeroization capabilities in vodozemac | vodozemac | CWE-1188 | 2.5 | Low | 2024-05-03 |
| CVE-2024-32000 | Truncated content of messages can be leaked from matrix-appservice-irc | matrix-appservice-irc | CWE-280 | 4.3 | Medium | 2024-04-12 |
| CVE-2023-43796 | Synapse vulnerable to leak of remote user device information | synapse | CWE-200 | 5.3 | Medium | 2023-10-31 |
| CVE-2023-45129 | matrix-synapse vulnerable to denial of service due to malicious server ACL events | synapse | CWE-770 | 4.9 | Medium | 2023-10-10 |
| CVE-2023-43656 | Sandbox escape for instances that have enabled transformation functions in matrix-hookshot | matrix-hookshot | CWE-74 | 5.6 | Medium | 2023-09-27 |
| CVE-2023-41335 | Temporary storage of plaintext passwords during password changes in matrix synapse | synapse | CWE-312 | 3.7 | Low | 2023-09-26 |
| CVE-2023-42453 | Improper validation of receipts allows forged read receipts in matrix synapse | synapse | CWE-285 | 3.1 | Low | 2023-09-26 |
| CVE-2023-38700 | matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms | matrix-appservice-irc | CWE-200 | 3.5 | Low | 2023-08-04 |
| CVE-2023-38691 | matrix-appservice-bridge doesn't verify the sub parameter of an openId token exhange, allowing unauthorized access to provisioning APIs | matrix-appservice-bridge | CWE-287 | 5.0 | Medium | 2023-08-04 |

This page lists every published CVE security advisory associated with matrix-org. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.