Synapse

This hub aggregates every CVE we track for Synapse, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Synapse.

• CVE-2026-45078Synapse CPU starvation (Denial of Service)5.5May 28, 2026
• CVE-2026-45076Synapse pagination denial of service2.7May 28, 2026
• CVE-2025-9870Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability7.8Oct 29, 2025
• CVE-2025-9871Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability7.8Oct 29, 2025
• CVE-2025-9869Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability7.8Oct 29, 2025
• CVE-2025-30355Synapse vulnerable to federation denial of service via malformed events7.1Mar 27, 2025
• CVE-2024-37303Synapse unauthenticated writes to the media repository allow planting of problematic content5.3Dec 3, 2024
• CVE-2024-37302Synapse denial of service through media disk space consumption7.5Dec 3, 2024
• CVE-2024-52805Synapse allows unsupported content types to lead to memory exhaustion7.5Dec 3, 2024
• CVE-2024-52815Synapse allows a a malformed invite to break the invitee's `/sync`5.3Dec 3, 2024
• CVE-2024-53867Synapse Matrix has a partial room state leak via Sliding Sync4.3Dec 3, 2024
• CVE-2024-53863Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders9.1Dec 3, 2024
• CVE-2024-31208Synapse's V2 state resolution weakness allows DoS from remote room members6.5Apr 23, 2024
• CVE-2023-43796Synapse vulnerable to leak of remote user device information5.3Oct 31, 2023
• CVE-2023-45129matrix-synapse vulnerable to denial of service due to malicious server ACL events4.9Oct 10, 2023