791 matches found
SUSE CVE-2025-32026
Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used f...
CVE-2025-32026
Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used f...
CVE-2025-32026
Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used f...
CVE-2025-32026 Element Web could load a malicious instance of Element Call leaking media encryption keys
Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used f...
CVE-2025-32026
Element Web (Matrix Web client) versions 1.11.16–1.11.96 expose a vulnerability where, if configured to load Element Call from an external URL, an external page can gain access to media encryption keys used during a call. Root cause: external URL loading creates a trust boundary bypass that leaks...
CVE-2025-32026 Element Web could load a malicious instance of Element Call leaking media encryption keys
Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used f...
CVE-2025-32026 Element Web could load a malicious instance of Element Call leaking media encryption keys
Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used f...
CVE-2025-31127
Element X Android is a Matrix Android Client provided by element.io. In Element X Android versions between 0.4.16 and 25.03.3, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. Thi...
CVE-2025-31126
Element X iOS is a Matrix iOS Client provided by Element. In Element X iOS version between 1.6.13 and 25.03.7, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. This vulnerability ...
CVE-2025-31127
Element X Android is a Matrix Android Client provided by element.io. In Element X Android versions between 0.4.16 and 25.03.3, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. Thi...
CVE-2025-31126
Element X iOS is a Matrix iOS Client provided by Element. In Element X iOS version between 1.6.13 and 25.03.7, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. This vulnerability ...
CVE-2025-31126 Element X iOS allows the entity in control of the well-known file to break the confidentiality of embedded Element Call
Element X iOS is a Matrix iOS Client provided by Element. In Element X iOS version between 1.6.13 and 25.03.7, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. This vulnerability ...
CVE-2025-31126
Element X iOS (Matrix client) is affected in versions 1.6.13 through 25.03.7 where the entity controlling the element.json well-known file can, under certain conditions, access media encryption keys used for an Element Call, leaking confidentiality. The issue is fixed in version 25.03.8. Affected...
CVE-2025-31126 Element X iOS allows the entity in control of the well-known file to break the confidentiality of embedded Element Call
Element X iOS is a Matrix iOS Client provided by Element. In Element X iOS version between 1.6.13 and 25.03.7, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. This vulnerability ...
CVE-2025-31127 Element X Android allows the entity in control of the well-known file to break the confidentiality embedded Element Call
Element X Android is a Matrix Android Client provided by element.io. In Element X Android versions between 0.4.16 and 25.03.3, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. Thi...
CVE-2025-31127
Element X Android (Matrix Android client by element.io) is affected in versions 0.4.16 through 25.03.3 where the entity controlling the element.json well-known file can, under certain conditions, access the media encryption keys used for an Element Call. The issue stems from how the well-known co...
CVE-2025-31127 Element X Android allows the entity in control of the well-known file to break the confidentiality embedded Element Call
Element X Android is a Matrix Android Client provided by element.io. In Element X Android versions between 0.4.16 and 25.03.3, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. Thi...
FastCMS 安全漏洞
FastCMS is a content management system from FastCMS, Inc. A security vulnerability exists in FastCMS version 0.1.5 that stems from the use of hard-coded encryption keys by the JWT processing component...
PT-2025-14781 · Element · Element Ios
Name of the Vulnerable Software and Affected Versions: Element X iOS versions 1.6.13 through 25.03.7 Description: The issue allows an entity in control of the element.json well-known file to access media encryption keys used for an Element Call under certain conditions. Recommendations: For...
Element X iOS 信息泄露漏洞
Element X iOS is an Element open source next-generation Matrix client for iOS built on SwiftUI for Matrix rust-sdk. An information disclosure vulnerability exists in Element X iOS versions 1.6.13 through 25.03.7, which originates in the element.json file and could lead to the disclosure of media...