Lucene search
+L

4 matches found

NVD
NVD
added 5 hours ago6 views

CVE-2026-63097

Dendrite through 0.13.8 contains an improper access control vulnerability in the syncapi /context endpoint syncapi/routing/context.go that allows authenticated local users to access post-leave room state events by exploiting a flawed membership check that evaluates only the RoomExists field while...

5.3CVSS
Exploits0References2
CVE
CVE
added 5 hours ago9 views

CVE-2026-63097

Dendrite 0.13.8 is affected by an improper access-control in the syncapi /context endpoint (syncapi/routing/context.go). The flaw uses a flawed membership check that only considers RoomExists, ignoring IsInRoom, HasBeenInRoom, and Membership fields, allowing authenticated local users who have lef...

5.3CVSS5.4AI score
Exploits0References2
EUVD
EUVD
added 5 hours ago5 views

EUVD-2026-45195

Dendrite through 0.13.8 contains an improper access control vulnerability in the syncapi /context endpoint syncapi/routing/context.go that allows authenticated local users to access post-leave room state events by exploiting a flawed membership check that evaluates only the RoomExists field while...

5.3CVSS5.4AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60790

Dendrite through 0.13.8 contains an improper access control vulnerability in the syncapi /context endpoint syncapi/routing/context.go that allows authenticated local users to access post-leave room state events by exploiting a flawed membership check that evaluates only the RoomExists field while...

5.3CVSS5.3AI score
Exploits0References3
Rows per page
Query Builder