PT-2025-4839 · Github · Github
Half-Shot · Published 2025-01-23 · Updated 2025-01-27 · CVE-2025-23197
CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
matrix-hookshot versions 5.4.1 and earlier
matrix-hookshot versions 6.0.1 and earlier
Description
The issue is a Denial of Service (DoS) condition that can occur when the software is configured with GitHub support. Because of a missing check, the software can crash on restart. The impact is greater when untrusted users can add their own GitHub organizations to connect their room to a repository. The underlying weakness is insufficient validation of unusual or exceptional states when connecting to the GitHub platform, which potentially allows a remote attacker to cause a denial of service.
Recommendations
For matrix-hookshot version 5.4.1 and earlier, update to version 5.4.2 to resolve the issue.
For matrix-hookshot version 6.0.1 and earlier, update to version 6.0.2 to resolve the issue.
Weakness Enumeration
Improper Check for Exceptional Conditions
Affected Products
Github