CVE-2026-45078

Published May 28th, 2026

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1.

element-hq/synapse

Synapse: Matrix homeserver written in Python/Twisted + Rust

GitHub

4.26K