Known Vulnerabilities for products from Matrix
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Matrix".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-45003 json | Not Provided | 2026-05-11 | 2026-05-11 | |
| CVE-2026-44110 json | Not Provided | 2026-05-06 | 2026-05-07 | |
| CVE-2026-42521 json | Not Provided | 2026-04-29 | 2026-04-29 | |
| CVE-2026-42433 json | Not Provided | 2026-05-05 | 2026-05-05 | |
| CVE-2026-41376 json | Not Provided | 2026-04-28 | 2026-04-29 | |
| CVE-2026-39852 json | Not Provided | 2026-05-05 | 2026-05-06 | |
| CVE-2026-4388 json | Not Provided | 2026-04-14 | 2026-04-14 | |
| CVE-2026-3984 json | Not Provided | 2026-03-12 | 2026-03-12 | |
| CVE-2026-3983 json | Not Provided | 2026-03-12 | 2026-03-12 | |
| CVE-2024-50485 json | Not Provided | 2024-10-29 | 2026-04-23 | |
| CVE-2023-45129 json | Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Prior to version 1.94.0, a m... | 4.9 - MEDIUM | 2023-10-10 | 2024-01-07 |
| CVE-2023-43796 json | Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users... | 5.3 - MEDIUM | 2023-10-31 | 2024-01-07 |
| CVE-2023-43656 json | matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Instances that have ... | 9 - CRITICAL | 2023-09-27 | 2023-10-05 |
| CVE-2023-42453 json | Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge rea... | 4.3 - MEDIUM | 2023-09-27 | 2024-01-07 |
| CVE-2023-41335 json | Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their pass... | 3.7 - LOW | 2023-09-27 | 2024-01-07 |
| CVE-2023-38700 json | matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it was possible to craft an event such that... | 3.7 - LOW | 2023-08-04 | 2023-08-11 |
| CVE-2023-38691 json | matrix-appservice-bridge provides an API for setting up bridges. Starting in version 4.0.0 and prior to versions 8.1.2 and 9.... | 6.5 - MEDIUM | 2023-08-04 | 2023-08-11 |
| CVE-2023-38690 json | matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newl... | 9.8 - CRITICAL | 2023-08-04 | 2023-08-11 |
| CVE-2023-38686 json | Sydent is an identity server for the Matrix communications protocol. Prior to version 2.5.6, if configured to send emails usi... | 5.3 - MEDIUM | 2023-08-04 | 2023-08-10 |
| CVE-2023-32683 json | Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. A discovered oEmbed or image URL can by... | 5.4 - MEDIUM | 2023-06-06 | 2023-06-17 |