Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2026/06/07 8:58 p.m.12 views

CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.4AI score0.00369EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-45076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that...

5.1CVSS5.5AI score0.00369EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/29 1:20 a.m.16 views

SUSE CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

2.7CVSS5.8AI score0.00369EPSS
Exploits0References3
PyPA
PyPA
added 2026/05/28 5:16 p.m.9 views

PYSEC-0000-CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.4AI score0.00369EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2026/05/28 5:16 p.m.7 views

PYSEC-2026-194

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.4AI score0.00369EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/05/28 5:16 p.m.18 views

CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS0.00369EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 5:16 p.m.8 views

DEBIAN-CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

2.7CVSS5.8AI score0.00369EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 5:16 p.m.9 views

PYSEC-2026-194

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

2.7CVSS5.4AI score0.00369EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 5:16 p.m.7 views

UBUNTU-CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.8AI score0.00369EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/28 3:50 p.m.33 views

CVE-2026-45076 Synapse pagination denial of service

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS0.00369EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:50 p.m.7 views

CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.8AI score0.00369EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/28 3:50 p.m.38 views

CVE-2026-45076

Synapse (open source Matrix homeserver) is affected by CVE-2026-45076. In federated rooms, malicious homeservers can craft room events to prevent full history from being provided to paginating clients, causing clients to fail to display room history. The issue is fixed in Synapse 1.152.1 or later...

5.1CVSS5.8AI score0.00369EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/28 3:50 p.m.14 views

EUVD-2026-32934

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.8AI score0.00369EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/28 3:50 p.m.8 views

CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.8AI score0.00369EPSS
Exploits0
Snyk
Snyk
added 2026/05/14 4:18 p.m.8 views

Improper Check for Unusual or Exceptional Conditions

Overview matrix-synapse is an ecosystem for open federated Instant Messaging and VoIP. Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the pagination process for federated rooms. An attacker can cause clients to fail to display room...

6.9CVSS5.8AI score0.00369EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/14 4:18 p.m.15 views

Synapse pagination Denial of Service

Impact In federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. Patches Update to Synapse 1.152.1 or later. Workarounds There are no known workaround...

5.1CVSS5.9AI score0.00369EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/14 4:18 p.m.6 views

GHSA-6QF2-7X63-MM6V Synapse pagination Denial of Service

Impact In federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. Patches Update to Synapse 1.152.1 or later. Workarounds There are no known workaround...

6.9CVSS5.9AI score0.00369EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.20 views

PT-2026-41158

Name of the Vulnerable Software and Affected Versions Synapse versions prior to 1.152.1 Description In federated rooms, malicious homeservers can craft room events that prevent the server from providing full history to paginating clients. This can result in clients failing to display the room...

6.9CVSS5.8AI score0.00369EPSS
Exploits0References10
FreeBSD
FreeBSD
added 2020/09/16 12:0 a.m.18 views

py-matrix-synapse -- malformed events may prevent users from joining federated rooms

Problem Description: Affected Synapse versions assume that all events have an "origin" field set. If an event without the "origin" field is sent into a federated room, servers not already joined to the room will be unable to do so due to failing to fetch the malformed event. Impact: An attacker...

1.7AI score
Exploits0References3
Rows per page
Query Builder