CVE-2026-45076
Synapse (open source Matrix homeserver) is affected by CVE-2026-45076. In federated rooms, malicious homeservers can craft room events to prevent full history from being provided to paginating clients, causing clients to fail to display room history. The issue is fixed in Synapse 1.152.1 or later...