EUVD-2022-28571

Malicious code in bioql PyPI...

EUVD-2024-42681

Malicious code in bioql PyPI...

OPENSUSE-SU-2025:15558-1 element-desktop-1.11.112-1.1 on GA media

These are all security issues fixed in the element-desktop-1.11.112-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2025-59161

Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...

CVE-2025-59161

Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...

CVE-2025-59161

Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...

CVE-2025-59161 In Element Web and Element Desktop, a malicious room can hide an unrelated room and cause it to be left when the malicious room is left

Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...

CVE-2025-59161 In Element Web and Element Desktop, a malicious room can hide an unrelated room and cause it to be left when the malicious room is left

Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...

PT-2025-38059

Name of the Vulnerable Software and Affected Versions: Element Web versions prior to 1.11.112 Element Desktop versions prior to 1.11.112 Description: Element Web and Element Desktop are susceptible to a room list manipulation issue due to insufficient validation of room predecessor links. A remot...

Element Desktop 输入验证错误漏洞

Element Desktop is an Element open source Matrix client for the Element Web-centered desktop platform. An input validation error vulnerability exists in Element Desktop versions prior to 1.11.112, which stems from insufficient validation of the room pre-links and could lead to a remote attacker...

CVE-2024-47771

Element Desktop is a Matrix client for desktop platforms. Element Desktop versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally, involvi...

CVE-2022-23597

Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...

SUSE CVE-2024-51749

Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent. It is possible to add thumbnails to events trigger a file download once clicked. Fixed in...

CVE-2024-51750 Element allows a malicious homeserver can modify events leading to unrenderable events or rooms

Element is a Matrix web client built using the Matrix React SDK. A malicious homeserver can send invalid messages over federation which can prevent Element Web and Desktop from rendering single messages or the entire room containing them. This was patched in Element Web and Desktop 1.11.85...

PT-2024-34881 · Unknown · Element Desktop +1

Name of the Vulnerable Software and Affected Versions: Element Web and Desktop versions prior to 1.11.85 Description: A malicious homeserver can send invalid messages over federation, which can prevent Element Web and Desktop from rendering single messages or the entire room containing them...

element-desktop-1.11.81-1.1 on GA media (moderate)

element-desktop-1.11.81-1.1 on GA media Announcement ID: openSUSE-SU-2024:14406-1 Rating: moderate Cross-References: CVE-2024-47771 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

OPENSUSE-SU-2024:14406-1 element-desktop-1.11.81-1.1 on GA media

These are all security issues fixed in the element-desktop-1.11.81-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2024-47771

Element Desktop is a Matrix client for desktop platforms. Element Desktop versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally, involvi...

CVE-2024-47779 Element Web vulnerable to potential exposure of access token via authenticated media

Element is a Matrix web client built using the Matrix React SDK. Element Web versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally,...

CVE-2024-47771

Element Desktop is a Matrix client for desktop platforms. Element Desktop versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally, involvi...