matrix-synapse vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-45076Mediummatrix-synapse: Synapse pagination Denial of ServiceCVE-2026-45078Highmatrix-synapse: Synapse CPU starvation (Denial of Service)CVE-2025-61672Mediummatrix-synapse: Synapse's invalid device keys degrade federation functionalityCVE-2025-30355Highmatrix-synapse: Synapse vulnerable to federation denial of service via malformed eventsCVE-2024-53867Mediummatrix-synapse: Synapse Matrix has a partial room state leak via Sliding SyncCVE-2024-53863Highmatrix-synapse: Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decodersCVE-2024-52815Highmatrix-synapse: Synapse allows a a malformed invite to break the invitee's `/sync`CVE-2024-52805Highmatrix-synapse: Synapse allows unsupported content types to lead to memory exhaustionCVE-2024-37303Mediummatrix-synapse: Synapse's unauthenticated writes to the media repository allow planting of problematic contentCVE-2024-37302Highmatrix-synapse: Synapse denial of service through media disk space consumptionCVE-2024-31208Mediummatrix-synapse: Synapse V2 state resolution weakness allows Denial of Service (DoS)CVE-2023-43796Mediummatrix-synapse: Synapse vulnerable to leak of remote user device informationCVE-2023-45129Mediummatrix-synapse: matrix-synapse vulnerable to denial of service due to malicious server ACL eventsCVE-2023-42453Mediummatrix-synapse: matrix-synapse vulnerable to improper validation of receipts allows forged read receiptsCVE-2023-41335Lowmatrix-synapse: matrix-synapse vulnerable to temporary storage of plaintext passwords during password changesCVE-2023-32683Mediummatrix-synapse: Synapse has URL deny list bypass via oEmbed and image URLs when generating previewsCVE-2023-32682Mediummatrix-synapse: Synapse has improper checks for deactivated users during loginCVE-2023-32323Mediummatrix-synapse: Synapse Outgoing federation to specific hosts can be disabled by sending malicious invitesCVE-2022-39374Highmatrix-synapse: Synapse Denial of service due to incorrect application of event authorization rules during state resolutionCVE-2022-39335Highmatrix-synapse: Synapse does not apply enough checks to servers requesting auth events of events in a roomCVE-2022-31152Highmatrix-synapse: Denial of service due to incorrect application of event authorization rulesCVE-2022-31052Highmatrix-synapse: URL previews of unusual or maliciously-crafted pages can crash Synapse media repositories or Synapse monolithsCVE-2019-18835Highmatrix-synapse: Improper Verification of Cryptographic Signature in matrix-synapseCVE-2019-11842Highmatrix-sydent: matrix-sydent and matrix-synapse Use Cryptographically Weak PRNGCVE-2018-10657Highmatrix-synapse: Matrix Synapse DoS

Stop the waste.
Protect your environment with Kodem.