CVE-2026-45076

Source
https://cve.org/CVERecord?id=CVE-2026-45076
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45076.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-45076
Aliases
Downstream
Related
Published
2026-05-28T15:50:25.842Z
Modified
2026-07-15T01:49:21.551756017Z
Severity
  • 5.1 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVSS Calculator
Summary
Synapse pagination denial of service
Details

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This vulnerability is fixed in 1.152.1.

Database specific
{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-20"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45076.json"
}
References

Affected packages

Git / github.com/element-hq/synapse

Affected ranges

Type
GIT
Repo
https://github.com/element-hq/synapse
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ],
    "cpe": "cpe:2.3:a:element:synapse:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.152.1"
        }
    ]
}

Affected versions

Other
hhs-1
hhs-2
hhs-3
hhs-5
hhs-6
hhs-7
hhs-8
v0.*
v0.10.0
v0.10.0-r1
v0.10.0-r2
v0.11.0
v0.11.0-r1
v0.11.0-r2
v0.11.1
v0.12.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.16.0
v0.16.1
v0.16.1-r1
v0.17.0
v0.17.1
v0.17.2
v0.17.3
v0.18.0
v0.18.1
v0.18.2
v0.18.3
v0.18.4
v0.18.5
v0.2.0
v0.2.1
v0.2.1a
v0.2.2
v0.23.0-rc1
v0.23.0-rc2
v0.25.0-rc1
v0.28.0-rc1
v0.3.0
v0.3.3
v0.3.4
v0.32.0
v0.32.0rc1
v0.32.2
v0.4.1
v0.4.2
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.5.3a
v0.5.3b
v0.5.3c
v0.5.4
v0.5.4a
v0.6.0
v0.6.0a
v0.6.0b
v0.6.1
v0.6.1a
v0.6.1b
v0.6.1c
v0.6.1d
v0.6.1e
v0.6.1f
v0.7.0
v0.7.0a
v0.7.0b
v0.7.0c
v0.7.0d
v0.7.0e
v0.7.0f
v0.7.1
v0.7.1-r1
v0.7.1-r2
v0.7.1-r3
v0.7.1-r4
v0.8.0
v0.8.1
v0.8.1-r1
v0.8.1-r2
v0.8.1-r3
v0.8.1-r4
v0.9.0
v0.9.0-r1
v0.9.0-r2
v0.9.0-r3
v0.9.0-r4
v0.9.0-r5
v0.9.1
v0.9.2
v0.9.2-r1
v0.9.2-r2
v0.9.3
v0.99.1rc1
v0.99.2rc1
v0.99.4rc1
v0.99.5.1.dev0
v1.*
v1.1.0rc1
v1.1.0rc2
v1.10.0rc1
v1.100.0rc1
v1.100.0rc2
v1.100.0rc3
v1.101.0rc1
v1.103.0rc1
v1.104.0rc1
v1.105.0rc1
v1.106.0rc1
v1.11.0rc1
v1.111.0rc1
v1.112.0rc1
v1.114.0rc1
v1.115.0rc1
v1.116.0rc1
v1.12.0rc1
v1.121.0rc1
v1.123.0rc1
v1.124.0rc1
v1.126.0rc1
v1.126.0rc2
v1.126.0rc3
v1.127.0rc1
v1.128.0rc1
v1.130.0rc1
v1.133.0rc1
v1.135.0rc1
v1.136.0rc1
v1.137.0rc1
v1.138.0rc1
v1.14.0rc1
v1.142.0rc1
v1.142.0rc2
v1.142.0rc3
v1.143.0rc1
v1.143.0rc2
v1.146.0rc1
v1.147.0rc1
v1.15.0rc1
v1.150.0rc1
v1.151.0rc1
v1.152.0
v1.152.0rc1
v1.16.0rc1
v1.17.0rc1
v1.18.0rc1
v1.23.0rc1
v1.24.0rc1
v1.27.0rc1
v1.29.0rc1
v1.3.0rc1
v1.30.0rc1
v1.31.0rc1
v1.32.0rc1
v1.34.0rc1
v1.35.0rc1
v1.36.0rc1
v1.4.0rc1
v1.40.0rc1
v1.49.0rc1
v1.5.0rc1
v1.52.0rc1
v1.6.0rc1
v1.62.0rc1
v1.63.0rc1
v1.75.0rc1
v1.76.0rc1
v1.78.0rc1
v1.79.0rc1
v1.8.0rc1
v1.81.0rc1
v1.84.0rc1
v1.87.0rc1
v1.88.0rc1
v1.9.0.dev1
v1.9.0.dev2
v1.9.0rc1
v1.90.0rc1
v1.94.0rc1
v1.95.0rc1
v1.98.0rc1
v1.99.0rc1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45076.json"