PT-2025-38058 · Unknown+1 · Matrix-Js-Sdk+1

Davidegirardi · Published 2025-01-01 · Updated 2025-09-17 · CVE-2025-59160

CVSS v4.0: 2.7 (Low)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
Name of the Vulnerable Software and Affected Versions: matrix-js-sdk versions prior to 38.2.0

Description: The Matrix JavaScript SDK has insufficient validation of room predecessor links in the MatrixClient::getJoinedRooms function, potentially allowing a remote attacker to replace a tombstoned room with an attacker-supplied room.

Recommendations: Upgrade to matrix-js-sdk 38.2.0 or later. As a workaround, avoid the MatrixClient::getJoinedRooms function in favor of getRooms() and filter upgraded rooms separately.
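The workaround above (call getRooms() and filter upgraded rooms yourself) raises the question of what a sound filter looks like. The following is an added example written for this page, not matrix-js-sdk code: plain objects stand in for the SDK's Room instances, and visibleRoomsNaive illustrates what goes wrong when a predecessor claim found in a successor room's m.room.create event is trusted on its own. That is an assumed reading of "insufficient validation of room predecessor links", not a reproduction of the SDK's affected code. visibleRoomsHardened hides a room only when the room's own m.room.tombstone names a replacement and that replacement's m.room.create points back to it. Event field names follow the Matrix specification; the room IDs, event IDs and room list are constructed sample data.

```javascript
// Added example (not matrix-js-sdk code): deciding which joined rooms are
// "upgraded" by checking the predecessor/successor link in both directions,
// instead of trusting a successor's m.room.create predecessor claim alone.
// Room objects are constructed stand-ins for matrix-js-sdk Room instances;
// the event content shapes follow the Matrix spec
// (m.room.create `predecessor.room_id`, m.room.tombstone `replacement_room`).

// Naive approach: any room that claims a predecessor hides the room it names.
// Anyone who can create a room can make such a claim, so an attacker-supplied
// room can displace a legitimate, never-upgraded room from the visible list.
function visibleRoomsNaive(rooms) {
  const claimedPredecessors = new Set();
  for (const room of rooms) {
    const pred = room.createContent.predecessor;
    if (pred && typeof pred.room_id === "string") claimedPredecessors.add(pred.room_id);
  }
  return rooms.filter((room) => !claimedPredecessors.has(room.roomId));
}

// Hardened approach: a room is hidden only when
//  1. it carries an m.room.tombstone naming a replacement room,
//  2. the client is actually in that replacement room, and
//  3. the replacement room's m.room.create names this room as its predecessor.
// Requirement 1 matters because a tombstone can only be sent by someone with
// sufficient power level in the *old* room; requirement 3 closes the loop so
// the tombstone and the successor's claim must agree.
function isGenuineSuccessor(oldRoom, roomsById) {
  const tombstone = oldRoom.tombstoneContent;
  if (!tombstone || typeof tombstone.replacement_room !== "string") return false;
  const successor = roomsById.get(tombstone.replacement_room);
  if (!successor) return false;
  const pred = successor.createContent.predecessor;
  return Boolean(pred && pred.room_id === oldRoom.roomId);
}

function visibleRoomsHardened(rooms) {
  const roomsById = new Map(rooms.map((r) => [r.roomId, r]));
  return rooms.filter((room) => !isGenuineSuccessor(room, roomsById));
}

// --- constructed sample data -------------------------------------------------
// Legitimate upgrade: !old -> !new, linked in both directions.
const legitimateOld = {
  roomId: "!old:example.org",
  createContent: { room_version: "9" },
  tombstoneContent: { body: "This room has been replaced", replacement_room: "!new:example.org" },
};
const legitimateNew = {
  roomId: "!new:example.org",
  createContent: { room_version: "10", predecessor: { room_id: "!old:example.org", event_id: "$tombstone" } },
  tombstoneContent: null,
};
// Victim room that was never upgraded (no tombstone).
const victim = {
  roomId: "!victim:example.org",
  createContent: { room_version: "10" },
  tombstoneContent: null,
};
// Attacker-supplied room whose create event falsely claims to succeed !victim.
const attacker = {
  roomId: "!attacker:evil.example",
  createContent: { room_version: "10", predecessor: { room_id: "!victim:example.org", event_id: "$fake" } },
  tombstoneContent: null,
};

const JOINED = [legitimateOld, legitimateNew, victim, attacker];

// Sorted room IDs, for stable comparison of the two filters' results.
function roomIds(rooms) {
  return rooms.map((r) => r.roomId).sort();
}

// The naive filter hides the victim's real room and leaves the attacker's in
// its place; the hardened filter hides only the genuinely tombstoned room and
// treats the attacker's room as an ordinary room with no special status.
console.log("naive:   ", roomIds(visibleRoomsNaive(JOINED)));
console.log("hardened:", roomIds(visibleRoomsHardened(JOINED)));
```

The hardened filter still shows the attacker's room, because the client is in it; what it refuses to do is let that room's unilateral predecessor claim hide a room the user never left.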

Weakness Enumeration

Insufficient Verification of Data Authenticity (CWE-345)
Missing Authorization (CWE-862)

Related Identifiers

CVE-2025-59160
GHSA-MP7C-M3RH-R56V

Affected Products

Debian
Matrix-Js-Sdk