5 matches found
CVE-2026-63097
Dendrite 0.13.8 is affected by an improper access-control in the syncapi /context endpoint (syncapi/routing/context.go). The flaw uses a flawed membership check that only considers RoomExists, ignoring IsInRoom, HasBeenInRoom, and Membership fields, allowing authenticated local users who have lef...
CVE-2026-63095
CVE-2026-63095 affects Dendrite up to version 0.13.8. An improper authorization flaw in the Matrix Client-Server API allows any authenticated local user to delete another user’s third-party identifier (3PID) bindings by submitting an arbitrary address/medium to the account deletion endpoint witho...
CVE-2026-63095 Dendrite 0.13.8 Improper Authorization via POST account/3pid/delete Endpoint
Dendrite through 0.13.8 contains an improper authorization vulnerability in the Matrix Client-Server API that allows any authenticated local user to delete third-party identifier bindings belonging to other users by submitting an arbitrary address and medium to the account deletion endpoint witho...
PT-2026-60789
Dendrite through 0.13.8 contains a server-side request forgery vulnerability that allows unauthenticated attackers to cause the server to open outbound TLS connections to arbitrary hosts and ports by supplying an unvalidated serverName parameter to the legacy media download endpoint. Attackers ca...
PT-2022-23108 · Unknown +1 · Gomatrixserverlib +1
Name of the Vulnerable Software and Affected Versions: Dendrite versions prior to 0.9.3 gomatrixserverlib versions prior to commit 723fd49 Description: The power level parsing within gomatrixserverlib was failing to parse the "events default" key of the m.room.power levels event, defaulting the...