Element-hq Element-web

5 CVEs affecting Element-hq Element-web. Latest disclosed: 2025-09-16. Critical: 0, High: 0.

Top CVEs affecting Element-hq Element-web
CVESeverityScorePublishedSummary
CVE-2024-51750Medium5.02024-11-12Element is a Matrix web client built using the Matrix React SDK. A malicious homeserver can send invalid messages over federation which can prevent Element Web…
CVE-2025-32026Low3.82025-04-08Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to loa…
CVE-2024-51749Low3.52024-11-12Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attach…
CVE-2025-591612025-09-16Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of ro…
CVE-2024-477792024-10-15Element is a Matrix web client built using the Matrix React SDK. Element Web versions 1.11.70 through 1.11.80 contain a vulnerability which can, under speciall…