MEDIUM🇬🇧 English

CVE-2026-45078

CVSS 6.8v4.0pub. 2026-05-28upd. 2026-06-03

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1.

oryginał EN
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Element Synapse

    APP
    Element
    < 1.152.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2026-45076MEDIUM5.1ten sam produkt

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious ho...

CVE-2024-26131HIGH8.4ten sam vendor

Element Android is an Android Matrix Client. Element Android version 1.4.3 through 1.6.10 is vulnerable to int...

CVE-2022-23597HIGH8.3ten sam vendor

Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before ...

CVE-2025-27606MEDIUM5.1ten sam vendor

Element Android is an Android Matrix Client provided by Element. Element Android up to version 1.6.32 can, und...

CVE-2024-26132MEDIUM4.0ten sam vendor

Element Android is an Android Matrix Client. A third-party malicious application installed on the same phone c...