VYPR

Rocket.chat

by RocketChat

npm: rocket.chat

Source repositories

CVEs (74)

  • CVE-2026-29198 | Critical | Apr 23, 2026
    risk 0.57 | CVSS 9.8 | EPSS 0.00

    In Rocket.Chat <8.3.0, <8.2.1, <8.1.2, <8.0.3, <7.13.5, <7.12.6, <7.11.6, and <7.10.9, a NoSQL injection vulnerability can lead to account takeover of the first user with a generated token when an OAuth app is configured.

  • CVE-2024-46936 | High | Sep 25, 2024
    risk 0.49 | CVSS 7.5 | EPSS 0.00

    Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8 and earlier versions are vulnerable to a message forgery / impersonation issue. Attackers can abuse the UpdateOTRAck method to send ephemeral messages as if they were any other user of their choosing.

  • CVE-2024-42027 | Medium | Oct 7, 2024
    risk 0.44 | CVSS 6.7 | EPSS 0.01

    The E2EE password entropy generated by Rocket.Chat Mobile prior to version 4.5.1 is insufficient, allowing attackers to crack it if they have the appropriate time and resources.

  • CVE-2026-32995 | High | May 28, 2026
    risk 0.42 | CVSS 7.5 | EPSS 0.00

    The Rocket.Chat DDP method autoTranslate.translateMessage in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.5, <7.13.8, and <7.10.12 accepts a client-supplied IMessage object and passes it directly to translateMessage() without checking Meteor.userId() or verifying room…

  • CVE-2017-1000054 | Medium | Jul 17, 2017
    risk 0.40 | CVSS 6.1 | EPSS 0.01

    Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages.

  • CVE-2024-8270 | Medium | Jun 11, 2025
    risk 0.36 | CVSS 5.5 | EPSS 0.00

    The macOS Rocket.Chat application is affected by a vulnerability that allows bypassing Transparency, Consent, and Control (TCC) policies, enabling the exploitation or abuse of permissions specified in its entitlements (e.g., microphone, camera, automation, network client).…

  • CVE-2018-13879 | Medium | Jul 11, 2018
    risk 0.35 | CVSS 5.4 | EPSS 0.01

    A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. When one creates an account, the next step will ask for a username. This field will not save HTML control characters but an error will be displayed that shows the attempted username…

  • CVE-2026-32994 | Medium | May 19, 2026
    risk 0.34 | CVSS 5.3 | EPSS 0.00

    The /api/v1/autotranslate.translateMessage endpoint in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.6, <7.13.8, and <7.10.12 allows any authenticated user to retrieve the full content of any message from any room (private groups, direct messages, channels) by simply…

  • CVE-2025-5892 | Medium | Jun 9, 2025
    risk 0.28 | CVSS 4.3 | EPSS 0.01

    A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function parseMessage of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the argument line leads to inefficient…

  • CVE-2026-22560 | Medium | Apr 10, 2026
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint.

  • CVE-2026-29197 | Medium | Apr 24, 2026
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    In versions <8.4.0, <8.3.2, <8.2.2, <8.1.3, <8.0.4, <7.13.6, <7.12.7, <7.11.7, and <7.10.10, the endpoints /api/apps/logs and /api/apps/:id/logs have a typo in the required permission check, allowing authenticated users without the proper permissions to read apps-engine logs.

  • CVE-2021-22911 | May 27, 2021
    risk 0.10 | CVSS n/a | EPSS 0.95

    An improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 and 3.13 that could lead to unauthenticated NoSQL injection, potentially resulting in RCE.

  • CVE-2020-28208 | Jan 8, 2021
    risk 0.04 | CVSS n/a | EPSS 0.11

    An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1.

  • CVE-2026-55762 | Jun 24, 2026
    risk 0.00 | CVSS n/a | EPSS 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, the POST /api/v1/fingerprint REST endpoint enforces authentication (authRequired: true) but performs no authorization check. Any…

  • CVE-2026-55759 | Jun 24, 2026
    risk 0.00 | CVSS n/a | EPSS 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, Rocket.Chat's Apple Sign-In handler verifies JWT signatures but skips claims validation. Any Apple-signed JWT with a non-empty iss…

  • CVE-2026-55666 | Jun 24, 2026
    risk 0.00 | CVSS n/a | EPSS 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, in apps/meteor/app/apple/server/loginHandler.ts, handleIdentityToken parses a JWT issued by Apple during the OAuth flow. The try…

  • CVE-2026-49278 | Jun 24, 2026
    risk 0.00 | CVSS n/a | EPSS 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, in the visitors.info endpoint, https://developer.rocket.chat/apidocs/get-visitor-information-by-id-1, token is returned in…

  • CVE-2026-49277 | Jun 24, 2026
    risk 0.00 | CVSS n/a | EPSS 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, Rocket.Chat does not revoke OAuth bearer or refresh tokens when a user is deactivated. A deactivated user can continue using…

  • CVE-2026-45757 | Jun 24, 2026
    risk 0.00 | CVSS n/a | EPSS 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, Rocket.Chat allows users deactivated through users.deactivateIdle to keep using already-issued login tokens. A user that an…

  • CVE-2026-46423 | Jun 24, 2026
    risk 0.00 | CVSS n/a | EPSS 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's SAML service provider implementation silently skips both SAML Response and Assertion signature validation when…
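Two entries in the list above (CVE-2026-29198 and CVE-2021-22911) are NoSQL injections. The mechanism they share is that a value taken from a request body is placed directly into a MongoDB-style query, so a caller who sends an object instead of a string gets to choose the query operator. The following is an added illustration written for this page, not Rocket.Chat's code and not a reproduction of either CVE: a tiny in-memory matcher stands in for MongoDB (exact equality plus $ne, $exists and $regex only), the user collection is constructed, and the token lookup functions are hypothetical.

```javascript
// Added example, not Rocket.Chat's code. Shows why a request value that is
// dropped straight into a MongoDB-style query lets the caller replace the
// expected string with a query operator, and how a type check closes it.
// fieldMatches/findOne are a deliberately tiny in-memory stand-in for MongoDB
// (exact equality plus $ne, $exists and $regex only); the collection is made up.

const users = [
  { _id: 'u1', username: 'alice', hashedToken: 'c0ffee7a9e0c' },
  { _id: 'u2', username: 'bob',   hashedToken: 'deadbeef0142' },
  { _id: 'u3', username: 'carol' },                  // never logged in: no token
];

// Evaluate one query field against one document field.
function fieldMatches(actual, expected) {
  if (expected === null || typeof expected !== 'object') {
    return actual === expected;                      // plain equality
  }
  // An object in value position is read as a set of operators, all of which must hold.
  return Object.entries(expected).every(([op, arg]) => {
    switch (op) {
      case '$ne':     return actual !== arg;
      case '$exists': return (actual !== undefined) === Boolean(arg);
      case '$regex':  return typeof actual === 'string' && new RegExp(arg).test(actual);
      default:        throw new Error(`operator ${op} not supported by this toy matcher`);
    }
  });
}

// Return the first document for which every query field matches, or null.
function findOne(collection, query) {
  const hit = collection.find((doc) =>
    Object.entries(query).every(([field, expected]) => fieldMatches(doc[field], expected)));
  return hit === undefined ? null : hit;
}

// Vulnerable: whatever arrived in the JSON body becomes the query value.
// A body of {"token": {"$ne": ""}} therefore selects the first user holding any token.
function lookupByTokenVulnerable(untrustedToken) {
  return findOne(users, { hashedToken: untrustedToken });
}

// Hardened: reject anything that is not a primitive string before it reaches
// the query. In Meteor code check(token, String) does the same job.
function lookupByTokenHardened(untrustedToken) {
  if (typeof untrustedToken !== 'string') {
    throw new TypeError('token must be a string');
  }
  return findOne(users, { hashedToken: untrustedToken });
}

// Run the cases and return usernames (or the error class name) so the
// outcome can be inspected without a database.
function demo() {
  const outcome = (fn) => {
    try { const u = fn(); return u ? u.username : null; } catch (e) { return e.constructor.name; }
  };
  return {
    legitimate:       outcome(() => lookupByTokenVulnerable('deadbeef0142')),     // 'bob'
    operatorInjected: outcome(() => lookupByTokenVulnerable({ $ne: '' })),        // 'alice': first user with a token
    regexInjected:    outcome(() => lookupByTokenVulnerable({ $regex: '^dead' })), // 'bob': token prefix probing
    hardenedRejects:  outcome(() => lookupByTokenHardened({ $ne: '' })),          // 'TypeError'
    hardenedAccepts:  outcome(() => lookupByTokenHardened('deadbeef0142')),       // 'bob'
  };
}

console.log(demo());
```

The regexInjected case is the reason "first user with a generated token" is the worst case rather than the only one: once an operator reaches the query, $regex turns the lookup into a prefix oracle. The fix is the same either way; validate the type at the boundary, before the value is ever part of a query object.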
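CVE-2026-55759 describes a sign-in handler that "verifies JWT signatures but skips claims validation". A signature proves only that the issuer minted the token at some point; it says nothing about whether the token was minted for this application, whether it is still valid, or whether it belongs to this login attempt. The block below is an added example for this page, not Rocket.Chat's handler and not Apple's token format in detail: it uses only Node's crypto module, generates a throwaway RSA key pair in place of the issuer's JWKS key, and the issuer and client identifiers are invented values.

```javascript
// Added example, not Rocket.Chat's code. Contrasts a JWT check that stops at
// the signature with one that also validates the claims that tie the token to
// this relying party. Uses only Node's crypto module; the RSA key pair stands
// in for the issuer's published JWKS key, and the issuer/client identifiers
// are example values chosen for the demo.
const crypto = require('node:crypto');

const b64url = (buf) => Buffer.from(buf).toString('base64url');
const fromB64url = (s) => Buffer.from(s, 'base64url');

// Demo-only key pair. In production the public key comes from the issuer's
// JWKS, selected by the token's kid header.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Mint an RS256 JWT. Only the demo needs this; a relying party never signs.
function signJwt(claims, key) {
  const header = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  const payload = b64url(JSON.stringify(claims));
  const sig = crypto.sign('sha256', Buffer.from(`${header}.${payload}`), key);
  return `${header}.${payload}.${b64url(sig)}`;
}

// The flaw: a valid signature is treated as sufficient. Any token the issuer
// ever signed, for any app and however old, comes back as trusted claims.
function verifySignatureOnly(token, key) {
  const [h, p, s] = token.split('.');
  if (!h || !p || !s) throw new Error('malformed token');
  const ok = crypto.verify('sha256', Buffer.from(`${h}.${p}`), key, fromB64url(s));
  if (!ok) throw new Error('bad signature');
  return JSON.parse(fromB64url(p).toString('utf8'));
}

// The fix: pin the algorithm, verify the signature, then check every claim
// that scopes the token to us. expected = { iss, aud, nonce? }.
function verifyIdToken(token, key, expected, now = Math.floor(Date.now() / 1000)) {
  const header = JSON.parse(fromB64url(token.split('.')[0]).toString('utf8'));
  if (header.alg !== 'RS256') throw new Error(`unexpected alg ${header.alg}`);
  const claims = verifySignatureOnly(token, key);
  if (claims.iss !== expected.iss) throw new Error('iss mismatch');
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(expected.aud)) throw new Error('aud mismatch');   // minted for a different client
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('expired');
  if (typeof claims.iat === 'number' && claims.iat > now + 60) throw new Error('iat in the future');
  if (expected.nonce !== undefined && claims.nonce !== expected.nonce) throw new Error('nonce mismatch');
  if (typeof claims.sub !== 'string' || claims.sub === '') throw new Error('missing sub');
  return claims;
}

// Build four tokens and report how each verifier treats them.
function demo() {
  const now = 1700000000;                                   // fixed clock for reproducibility
  const rp = { iss: 'https://idp.example', aud: 'com.example.chat' };
  const base = { iss: rp.iss, sub: 'user-1', iat: now, exp: now + 600 };
  const good     = signJwt({ ...base, aud: rp.aud }, privateKey);
  const otherApp = signJwt({ ...base, aud: 'com.example.other-app' }, privateKey);
  const expired  = signJwt({ ...base, aud: rp.aud, iat: now - 7200, exp: now - 3600 }, privateKey);
  // Reuse good's signature over a payload whose sub was edited: must fail at the signature.
  const [h, , s] = good.split('.');
  const tampered = `${h}.${b64url(JSON.stringify({ ...base, aud: rp.aud, sub: 'admin' }))}.${s}`;
  const attempt = (t) => { try { verifyIdToken(t, publicKey, rp, now); return 'accepted'; } catch (e) { return e.message; } };
  return {
    signatureOnlyAcceptsOtherApp: verifySignatureOnly(otherApp, publicKey).sub === 'user-1', // true
    signatureOnlyAcceptsExpired:  verifySignatureOnly(expired, publicKey).sub === 'user-1',  // true
    // { good: 'accepted', otherApp: 'aud mismatch', expired: 'expired', tampered: 'bad signature' }
    hardened: { good: attempt(good), otherApp: attempt(otherApp), expired: attempt(expired), tampered: attempt(tampered) },
  };
}

console.log(demo());
```

The otherApp case is the one that matters for a "Sign in with" flow: a token legitimately issued to a different application by the same identity provider carries a perfectly good signature, and only the aud check tells the two apart. Checking nonce against the value sent in the authorization request additionally binds the token to this browser session.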
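Several entries above are authorization rather than authentication failures: CVE-2026-32994 (any authenticated user retrieves any message by id), CVE-2026-32995 (a method acts on a client-supplied message object without checking the caller or the room), and CVE-2026-49277 / CVE-2026-45757 (deactivated users keep using already-issued tokens). The common fix is that a handler must resolve who is calling, reload the object it acts on by id from the server's own store, and authorize against that object's room before doing anything. The block below is an added example for this page and not Rocket.Chat's code; rooms, messages, users, tokens, the room-visibility rule and the translate() stub are all constructed for the demo.

```javascript
// Added example, not Rocket.Chat's code. Two versions of a "translate this
// message" handler over in-memory stores. The vulnerable one authenticates the
// caller and nothing else, so any logged-in user can pull and translate any
// message by id. The hardened one resolves the caller's account, reloads the
// message server-side, and authorizes against the room before translating.
// Rooms, messages, users, tokens and the translate() stub are all made up.

const rooms = {
  'r-general': { type: 'c', members: ['alice', 'bob', 'carol'] },   // public channel
  'r-execs':   { type: 'p', members: ['alice'] },                   // private group
  'r-dm':      { type: 'd', members: ['bob', 'carol'] },            // direct message
};
const messages = {
  m1: { rid: 'r-general', u: 'bob',   msg: 'lunch at noon?' },
  m2: { rid: 'r-execs',   u: 'alice', msg: 'board deck attached' },
  m3: { rid: 'r-dm',      u: 'carol', msg: 'call me later' },
};
// alice has been deactivated, but her login token was never revoked.
const users = { alice: { active: false }, bob: { active: true }, mallory: { active: true } };
const loginTokens = { 'tok-alice': 'alice', 'tok-bob': 'bob', 'tok-mallory': 'mallory' };

function translate(text, lang) { return `[${lang}] ${text}`; }   // stand-in for the real backend

// Vulnerable: "is there a session?" is the only check. The message id is an
// IDOR, and the stale token of a deactivated user still works.
function translateMessageVulnerable(token, messageId, lang) {
  if (!loginTokens[token]) throw new Error('unauthorized');
  const message = messages[messageId];
  if (!message) throw new Error('not found');
  return translate(message.msg, lang);
}

// Who may read a room. Public channels are open to any active user here (an
// assumption for the demo); private groups and DMs require membership.
function canReadRoom(userId, room) {
  return room.type === 'c' || room.members.includes(userId);
}

// Hardened: identity from the token, account must be active, message reloaded
// by id rather than taken from the client, room access enforced. Missing and
// forbidden collapse to one error so message ids cannot be enumerated.
function translateMessageHardened(token, messageId, lang) {
  const userId = loginTokens[token];
  const user = userId && users[userId];
  if (!user || !user.active) throw new Error('unauthorized');
  const message = messages[messageId];
  const room = message && rooms[message.rid];
  if (!message || !room || !canReadRoom(userId, room)) throw new Error('not found');
  return translate(message.msg, lang);
}

// Deactivation should also revoke tokens; with that done, the per-request
// active check above is defence in depth rather than the only barrier.
function deactivateUser(userId) {
  users[userId].active = false;
  for (const [tok, uid] of Object.entries(loginTokens)) {
    if (uid === userId) delete loginTokens[tok];
  }
}

function demo() {
  const outcome = (fn) => { try { return fn(); } catch (e) { return e.message; } };
  return {
    vulnerable: {
      malloryReadsPrivateGroup:   outcome(() => translateMessageVulnerable('tok-mallory', 'm2', 'de')), // '[de] board deck attached'
      deactivatedAliceStillWorks: outcome(() => translateMessageVulnerable('tok-alice', 'm2', 'de')),   // '[de] board deck attached'
    },
    hardened: {
      malloryReadsPrivateGroup:  outcome(() => translateMessageHardened('tok-mallory', 'm2', 'de')), // 'not found'
      malloryReadsPublicChannel: outcome(() => translateMessageHardened('tok-mallory', 'm1', 'de')), // '[de] lunch at noon?'
      bobReadsOwnDm:             outcome(() => translateMessageHardened('tok-bob', 'm3', 'de')),     // '[de] call me later'
      deactivatedAlice:          outcome(() => translateMessageHardened('tok-alice', 'm2', 'de')),   // 'unauthorized'
      unknownToken:              outcome(() => translateMessageHardened('tok-nobody', 'm1', 'de')),  // 'unauthorized'
    },
  };
}

console.log(demo());
```

The same shape applies when a method receives a whole message object from the client, as in CVE-2026-32995: discard everything in it except the _id, reload the message, and run the room check against the server's copy. Anything else lets the caller decide which room the authorization is performed against.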

Page 1 of 4