CVE-2026-45076
Synapse pagination denial of service
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This vulnerability is fixed in 1.152.1.
| CWE | CWE-20 |
| Vendor | element-hq |
| Product | synapse |
| Published | May 28, 2026 |
| Last Updated | Jun 2, 2026 |
Stay Ahead of the Next One
Get instant alerts for element-hq synapse
Be the first to know when new unknown vulnerabilities affecting element-hq synapse are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
element-hq / synapse
< 1.152.1