E

Element Security Vulnerabilities (CVE)

Explore vulnerabilities and security advisories affecting Element products.

2 known CVE vulnerabilities tracked

Critical
0
High
0
Medium
1
Low
1
None
0

Vulnerabilities By Year

2
2026

Products Affected

Synapse 2

All Element CVEs

Recent Highest Score Oldest
CVE-2026-45078
5.5 medium

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1.

Synapse May 28, 2026
CVE-2026-45076
2.7 low

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This vulnerabilit

Synapse May 28, 2026