Matrix-sdk-crypto
This hub aggregates every CVE we track for Matrix-sdk-crypto, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM4HIGH1
Monthly trend
1
0
0
0
0
0
1
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 5 most recently published vulnerabilities affecting Matrix-sdk-crypto.
- CVE-2025-48937matrix-sdk-crypto vulnerable to sender of encrypted events being spoofed by homeserver administrator4.9
- CVE-2024-52813matrix-sdk-crypto missing facility to signal rotation of a verified cryptographic identity4.3
- CVE-2024-40648`UserIdentity::is_verified` not checking verification status of own user identity while performing the check in matrix-rust-sdk5.4
- CVE-2024-34353matrix-sdk-crypto contains a log exposure of private key of the server-side key backup5.5
- CVE-2022-39252When matrix-rust-sdk recieves forwarded room keys, the reciever doesn't check if it requested the key from the forwarder8.6
Product normalization is registry-driven with AI assist and human review. How it works