CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2025/04/18 3:49 p.m.•3 views

CVE-2025-27599 Element X Android vulnerable to loading malicious web pages via received intent

6.5CVSS6.7AI score0.00268EPSS

Exploits0References5

Cvelist•added 2025/04/18 3:49 p.m.•9 views

CVE-2025-27599 Element X Android vulnerable to loading malicious web pages via received intent

6.5CVSS0.00268EPSS

Vulnrichment•added 2025/04/18 3:49 p.m.•7 views

CVE-2025-27599 Element X Android vulnerable to loading malicious web pages via received intent

CVE•added 2025/04/18 3:49 p.m.•55 views

CVE-2025-27599

Element X Android (Element X Android apps by element.io) is affected prior to version 25.04.2. A crafted hyperlink on a webpage or a locally installed malicious app can cause Element X up to 25.04.1 to load a webpage with permissions similar to Element Call and automatically grant temporary acces...

Positive Technologies•added 2025/04/18 12:0 a.m.•2 views

PT-2025-17307 · Element · Element

Name of the Vulnerable Software and Affected Versions: Element X Android versions prior to 25.04.2 Description: A crafted hyperlink on a webpage or a locally installed malicious app can force Element X to load a webpage with similar permissions to Element Call, automatically granting it temporary...

CNNVD•added 2025/04/18 12:0 a.m.•1 views

Exploits0References8

Element X Android 安全漏洞

Element X Android is an Android Matrix application from Element open source using Matrix Rust Sdk and Jetpack Compose. A security vulnerability exists in Element X Android versions prior to 25.04.2, which stems from a specially crafted hyperlink that could result in automatically granting tempora...

RedhatCVE•added 2025/04/05 6:34 p.m.•11 views

CVE-2025-31127

Element X Android is a Matrix Android Client provided by element.io. In Element X Android versions between 0.4.16 and 25.03.3, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. Thi...

5.3CVSS6.9AI score0.00434EPSS

Exploits0References1

RedhatCVE•added 2025/04/05 6:33 p.m.•11 views

CVE-2025-31126

Element X iOS is a Matrix iOS Client provided by Element. In Element X iOS version between 1.6.13 and 25.03.7, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. This vulnerability ...

5.3CVSS6.6AI score0.00434EPSS

Exploits0References1

NVD•added 2025/04/03 6:15 p.m.•2 views

CVE-2025-31127

5.3CVSS0.00434EPSS

NVD•added 2025/04/03 6:15 p.m.•2 views

CVE-2025-31126

5.3CVSS0.00434EPSS

CVE•added 2025/04/03 5:54 p.m.•37 views

CVE-2025-31126

Element X iOS (Matrix client) is affected in versions 1.6.13 through 25.03.7 where the entity controlling the element.json well-known file can, under certain conditions, access media encryption keys used for an Element Call, leaking confidentiality. The issue is fixed in version 25.03.8. Affected...

5.3CVSS6.8AI score0.00434EPSS

Vulnrichment•added 2025/04/03 5:54 p.m.•4 views

CVE-2025-31126 Element X iOS allows the entity in control of the well-known file to break the confidentiality of embedded Element Call

5.3CVSS5.1AI score0.00434EPSS

Cvelist•added 2025/04/03 5:54 p.m.•7 views

CVE-2025-31126 Element X iOS allows the entity in control of the well-known file to break the confidentiality of embedded Element Call

5.3CVSS0.00434EPSS