VYPR
Low severityOSV Advisory· Published Sep 11, 2025· Updated Apr 15, 2026

CVE-2025-59047

CVE-2025-59047

Description

matrix-sdk-base is the base component to build a Matrix client library. In matrix-sdk-base before 0.14.1, calling the RoomMember::normalized_power_level() method can cause a panic if a room member has a power level of Int::Min. The issue is fixed in matrix-sdk-base 0.14.1. The affected method isn’t used internally, so avoiding calling RoomMember::normalized_power_level() prevents the panic.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
matrix-sdk-basecrates.io
< 0.14.10.14.1

Affected products

2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.