85 matches found
CVE-2026-45076
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...
CVE-2026-45076
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...
UBUNTU-CVE-2026-45076
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...
synapse 安全漏洞
Synapse is an open-source matrix main server developed by Element. Versions prior to 1.152.1 of Synapse contained a security vulnerability. This vulnerability occurred due to locally authenticated users being able to exhaust CPU resources, causing other requests to fail and leading to...
synapse 输入验证错误漏洞
Synapse is an open-source matrix main server developed by Element. Versions prior to 1.152.1 of Synapse contained a vulnerability related to input validation errors. This vulnerability allowed malicious servers to manipulate room events, thereby preventing the complete history from being provided...
GHSA-8Q93-326V-3M7G Synapse CPU starvation (Denial of Service)
Impact Local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. Homeservers that trust all their local users are not at risk. Patches Update to Synapse 1.152.1 or later. Workarounds If Synapse is...
CVE-2019-11842
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID...
Linux Distros Unpatched Vulnerability : CVE-2025-61672
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacke...
GHSA-FH66-FCV5-JJFR Synapse's invalid device keys degrade federation functionality
Impact Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeservers. Patches Patched in Synapse 1.138.3, 1.138.4,...
CVE-2025-61672
Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeserver...
CVE-2025-61672
CVE-2025-61672 affects the Synapse Matrix homeserver. The issue is caused by lack of validation for device keys in Synapse before 1.138.3 and in 1.139.0, enabling an attacker registered on the victim homeserver to degrade federation functionality and unpredictably break outbound federation to oth...
EUVD-2017-5901
Malware in sbrugna...
EUVD-2021-0125
Malware in sbrugna...
EUVD-2017-18700
Malware in sbrugna...
EUVD-2019-0082
Malware in sbrugna...
EUVD-2022-3580
Malicious code in bioql PyPI...
EUVD-2024-3424
Malicious code in bioql PyPI...
EUVD-2025-8265
Malicious code in bioql PyPI...
EUVD-2021-31075
Malicious code in bioql PyPI...
EUVD-2024-3513
Malicious code in bioql PyPI...