A vulnerability has been discovered in the updateMessage Meteor Method, allowing adversaries to edit messages without proper authorization. This occurs due to insufficient permission checks for the βridβ parameter. Attackers can exploit this issue to leak private messages with known message IDs.