CVE-2026-45076
EUVD-2026-3293428.05.2026, 17:16
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This vulnerability is fixed in 1.152.1.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| element | synapse | 𝑥 < 1.152.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration