These are all security issues fixed in the element-web-1.11.26-1.1 package on the GA media of openSUSE Tumbleweed.
{ "binaries": [ { "element-web": "1.11.26-1.1" } ] }