Low severity · OSV Advisory · Published Sep 16, 2025 · Updated Apr 15, 2026
CVE-2025-59160
Description
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated attacker-supplied room. The issue has been patched and users should upgrade to 38.2.0. A workaround is to avoid using MatrixClient::getJoinedRooms in favor of getRooms() and filtering upgraded rooms separately.
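The workaround above (use getRooms() and filter upgraded rooms yourself) only helps if the filter does not trust a room's predecessor claim on its own. The following is an added example, not matrix-js-sdk code: the weak filter next to a hardened one that also requires the old room's m.room.tombstone to name the new room as its replacement. The room objects are a constructed, simplified stand-in for the SDK's Room class.

```javascript
// Added example, not matrix-js-sdk code. Each room object is a constructed stand-in
// for the SDK's Room: `create` holds the content of the m.room.create state event,
// `tombstone` the content of the m.room.tombstone state event (or null).

function predecessorId(room) {
  const pred = room.create && room.create.predecessor;
  return pred && typeof pred.room_id === "string" ? pred.room_id : null;
}

function replacementId(room) {
  const ts = room.tombstone;
  return ts && typeof ts.replacement_room === "string" ? ts.replacement_room : null;
}

// Weak form: hides any room that some other room merely *claims* as its predecessor.
// The claim lives in the newer room's own create event, so an unrelated room can
// cause a legitimate, still-active room to disappear from the list.
function filterUpgradedRoomsNaive(rooms) {
  const claimed = new Set(rooms.map(predecessorId).filter(Boolean));
  return rooms.filter((r) => !claimed.has(r.roomId));
}

// Hardened form: a predecessor link is honoured only when it is mutual, i.e. the
// old room's own tombstone names this room as its replacement. A room that is
// not tombstoned, or whose tombstone points elsewhere, is never hidden.
function filterUpgradedRooms(rooms) {
  const byId = new Map(rooms.map((r) => [r.roomId, r]));
  const superseded = new Set();
  for (const room of rooms) {
    const oldId = predecessorId(room);
    if (!oldId) continue;
    const oldRoom = byId.get(oldId);
    if (oldRoom && replacementId(oldRoom) === room.roomId) superseded.add(oldId);
  }
  return rooms.filter((r) => !superseded.has(r.roomId));
}

// Constructed sample: one genuine upgrade (!old -> !new) and one room that asserts
// !victim as its predecessor although !victim has no tombstone pointing back.
const SAMPLE_ROOMS = [
  { roomId: "!old:example.org", create: {}, tombstone: { replacement_room: "!new:example.org" } },
  { roomId: "!new:example.org", create: { predecessor: { room_id: "!old:example.org" } }, tombstone: null },
  { roomId: "!victim:example.org", create: {}, tombstone: null },
  { roomId: "!rogue:example.net", create: { predecessor: { room_id: "!victim:example.org" } }, tombstone: null },
];

const roomIds = (rooms) => rooms.map((r) => r.roomId);
console.log("naive   :", roomIds(filterUpgradedRoomsNaive(SAMPLE_ROOMS)));
console.log("hardened:", roomIds(filterUpgradedRooms(SAMPLE_ROOMS)));
```

With the sample data the naive filter drops !victim:example.org; the hardened filter keeps it and hides only !old:example.org, whose tombstone genuinely points at !new:example.org.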
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| matrix-js-sdk (npm) | < 38.2.0 | 38.2.0 |
Affected products
- Range: no-media-devices-release, v0.1.0, v0.1.1, …
References
- github.com/advisories/GHSA-mp7c-m3rh-r56v (GHSA, advisory)
- nvd.nist.gov/vuln/detail/CVE-2025-59160 (GHSA, advisory)
- github.com/matrix-org/matrix-js-sdk/commit/43c72d5bf5e2d0a26b3b4f71092e7cb39d4137c4 (NVD, web)
- github.com/matrix-org/matrix-js-sdk/releases/tag/v38.2.0 (GHSA, web)
- github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-mp7c-m3rh-r56v (NVD, web)
- www.npmjs.com/package/matrix-js-sdk/v/38.2.0 (GHSA, web)