Element-hq Element-web
5 CVEs affecting Element-hq Element-web. Latest disclosed: 2025-09-16. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-51750 | Medium | 5.0 | 2024-11-12 | Element is a Matrix web client built using the Matrix React SDK. A malicious homeserver can send invalid messages over federation which can prevent Element Web… |
CVE-2025-32026 | Low | 3.8 | 2025-04-08 | Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to loa… |
CVE-2024-51749 | Low | 3.5 | 2024-11-12 | Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attach… |
CVE-2025-59161 | | 2025-09-16 | Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of ro… | |
CVE-2024-47779 | | 2024-10-15 | Element is a Matrix web client built using the Matrix React SDK. Element Web versions 1.11.70 through 1.11.80 contain a vulnerability which can, under speciall… |