CVE-2025-31126 Information

Description

Element X iOS is a Matrix iOS Client provided by Element. In Element X iOS version between 1.6.13 and 25.03.7 the entity in control of the element.json well-known file is able under certain conditions to get access to the media encryption keys used for an Element Call call. This vulnerability is fixed in 25.03.8.

Reference

https://github.com/element-hq/element-meta/issues/2441 https://github.com/element-hq/element-x-ios/security/advisories/GHSA-69qf-p24v-rf8j