CNNVD-202510-277 Information

CNNVD ID

CNNVD-202510-277

Related CVE

CVE-2025-49090

• CNNVD Published: 2025-10-02

Description (Chinese)

Matrix是Matrix开源的一个新生态系统，用于开放联合即时消息和 VoIP。 Matrix 1.16之前版本存在安全漏洞，该漏洞源于状态解析不足。

Description (English)

Martrix is a new ecosystem of the Martrix Open Source, which is used to open joint instant messaging and VoIP. There was a security gap in the previous version 1.16, which stemmed from inadequate state resolution.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Matrix

Published

2025-10-02

Last Modified

2026-02-24

References

https://github.com/Nheko-Reborn/nheko/issues/1931 https://github.com/matrix-org/matrix-spec/releases/tag/v1.16 https://matrix.org/blog/2025/08/project-hydra-improving-state-res/ https://matrix.org/blog/2025/08/security-release/

Patch

https://github.com/matrix-org/matrix-spec/releases