CNNVD-202602-2087 Information
CNNVD ID
CNNVD-202602-2087
Related CVE
- CNNVD Published: 2026-02-12
Description (Chinese)
Element Server Suite是Element开源的一个服务器套件社区版。 Element Server Suite Community Edition (ESS Community)存在安全漏洞,该漏洞源于Matrix服务器密钥生成方法不安全,可能导致网络攻击者重新创建相同密钥对并冒充受害服务器。
Description (English)
Element Server Suite is a community-based server suite from the Open Source of Element. There is a security loophole in the Element Server Security Commission (ESS Community) that stems from the unsafe method of generating the key from the Matrix server, which may lead cyber attackers to recreate the same key pair and impersonate the injured server.
Vulnerability Type
其他
Affected Vendor
Element
Published
2026-02-12
Last Modified
2026-02-24
References
https://github.com/element-hq/ess-helm/releases/tag/25.12.2 https://github.com/element-hq/ess-helm/security/advisories/GHSA-qwcj-h6m8-vp6q https://github.com/element-hq/ess-helm/blob/main/docs/maintenance.md#fixing-cve-2026-24044elementsec-2025-1670-manually https://access.redhat.com/security/cve/cve-2026-24044
Patch
https://github.com/element-hq/ess-helm/releases
Share on: