CVE-2025-59160
The CVE-2025-59160 entry concerns the Matrix JavaScript SDK (matrix-js-sdk) prior to version 38.2.0, where MatrixClient::getJoinedRooms performs insufficient validation of room predecessor links. This can allow a remote attacker to attempt to replace a tombstoned room with an unrelated attacker-s...