cpe:2.3:a:element-hq:element-web:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor: Element Hq (3b16b3ba-f167-5a48-b62a-dc4536b16c63)
Product: Element Web (9c52c243-c5d7-5d15-aa10-7a94ecbbcaf6)
Edition: *
Language: *
Software edition: *
Target software: *
Target hardware: *
Other: *
Notes: Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL | Source | Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale
CVE:CVE-2025-59161 | vulnerable | 2026-06-08 07:35:20.680040 | In Element Web and Element Desktop, a malicious room can hide an unrelated room and cause it to be left when the malicious room is left
Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated attacker-supplied room. While the effect of this is temporary, it may still confuse users into acting on incorrect assumptions. The issue has been patched and users should upgrade to 1.11.112. A reload/refresh will fix the incorrect room list state, removing the attacker's room and restoring the original room.
Published: 2025-09-16T16:44:15.660Z
Updated: 2025-09-16T18:26:26.341Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-32026 | vulnerable | 2026-06-08 07:18:58.969525 | Element Web could load a malicious instance of Element Call leaking media encryption keys
LOW (3.8)
Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used for an Element Call call. Version 1.11.97 fixes the problem.
Published: 2025-04-08T15:22:54.903Z
Updated: 2025-04-08T20:02:20.297Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-51750 | vulnerable | 2026-06-08 06:52:12.771022 | Element allows a malicious homeserver to modify events, leading to unrenderable events or rooms
MEDIUM (5)
Element is a Matrix web client built using the Matrix React SDK. A malicious homeserver can send invalid messages over federation which can prevent Element Web and Desktop from rendering single messages or the entire room containing them. This was patched in Element Web and Desktop 1.11.85.
Published: 2024-11-12T16:34:27.928Z
Updated: 2024-11-12T17:12:21.715Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-51749 | vulnerable | 2026-06-08 06:52:12.770723 | Element's thumbnails can be abused to misrepresent the content of an attachment
LOW (3.5)
Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent. It is possible to add thumbnails to events that trigger a file download once clicked. Fixed in element-web 1.11.85.
Published: 2024-11-12T16:34:21.603Z
Updated: 2024-11-12T17:14:30.943Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-47779 | vulnerable | 2026-06-08 06:48:13.151096 | Element Web vulnerable to potential exposure of access token via authenticated media
Element is a Matrix web client built using the Matrix React SDK. Element Web versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally, involving malicious widgets, but other vectors may exist. Note that despite superficial similarity to CVE-2024-47771, this is an entirely separate vulnerability, caused by a separate piece of code included only in Element Web. Element Web and Element Desktop share most, but not all, of their code, and this vulnerability exists in the part of the code base which is not shared between the projects. Users are strongly advised to upgrade to version 1.11.81 to remediate the issue. As a workaround, avoid granting permissions to untrusted widgets.
Published: 2024-10-15T15:28:00.293Z
Updated: 2024-11-12T16:07:45.332Z
Imported from gcve-enriched-dumps CVE data
