element-web-1.11.112-1.1 on GA media (moderate)

element-web-1.11.112-1.1 on GA media Announcement ID: openSUSE-SU-2025:15559-1 Rating: moderate Cross-References: CVE-2025-59161 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

OPENSUSE-SU-2025:15558-1 element-desktop-1.11.112-1.1 on GA media

These are all security issues fixed in the element-desktop-1.11.112-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-59161

Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...

CVE-2025-59161 In Element Web and Element Desktop, a malicious room can hide an unrelated room and cause it to be left when the malicious room is left

Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...

Element Desktop 输入验证错误漏洞

Element Desktop is an Element open source Matrix client for the Element Web-centered desktop platform. An input validation error vulnerability exists in Element Desktop versions prior to 1.11.112, which stems from insufficient validation of the room pre-links and could lead to a remote attacker...