VYPR · Vendor CVEs · RocketChat: All CVEs

75 total · sorted by risk
  • CVE-2024-29151 · Critical · Mar 18, 2024
    risk 0.59 · cvss 9.1 · epss 0.00

    Rocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist in PyPI.

  • CVE-2026-29198 · Critical · Apr 23, 2026
    risk 0.57 · cvss 9.8 · epss 0.00

    In Rocket.Chat <8.3.0, <8.2.1, <8.1.2, <8.0.3, <7.13.5, <7.12.6, <7.11.6, and <7.10.9, a NoSQL injection vulnerability can lead to account takeover of the first user with a generated token when an OAuth app is configured.

  • CVE-2024-46936 · High · Sep 25, 2024
    risk 0.49 · cvss 7.5 · epss 0.00

    Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and before is vulnerable to a message forgery / impersonation issue. Attackers can abuse the UpdateOTRAck method to send ephemeral messages as if they were any other user they choose.

  • CVE-2024-42027 · Medium · Oct 7, 2024
    risk 0.44 · cvss 6.7 · epss 0.01

    The E2EE password entropy generated by Rocket.Chat Mobile prior to version 4.5.1 is insufficient, allowing attackers to crack it if they have the appropriate time and resources.

  • CVE-2026-32995 · High · May 28, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    The Rocket.Chat DDP method autoTranslate.translateMessage in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.5, <7.13.8, and <7.10.12 accepts a client-supplied IMessage object and passes it directly to translateMessage() without checking Meteor.userId() or verifying room…

  • CVE-2017-1000054 · Medium · Jul 17, 2017
    risk 0.40 · cvss 6.1 · epss 0.01

    Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages.

  • CVE-2024-8270 · Medium · Jun 11, 2025
    risk 0.36 · cvss 5.5 · epss 0.00

    The macOS Rocket.Chat application is affected by a vulnerability that allows bypassing Transparency, Consent, and Control (TCC) policies, enabling the exploitation or abuse of permissions specified in its entitlements (e.g., microphone, camera, automation, network client).…

  • CVE-2018-13879 · Medium · Jul 11, 2018
    risk 0.35 · cvss 5.4 · epss 0.01

    A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. When one creates an account, the next step will ask for a username. This field will not save HTML control characters but an error will be displayed that shows the attempted username…

  • CVE-2026-32994 · Medium · May 19, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    The /api/v1/autotranslate.translateMessage endpoint in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.6, <7.13.8, and <7.10.12 allows any authenticated user to retrieve the full content of any message from any room (private groups, direct messages, channels) by simply…

  • CVE-2025-5892 · Medium · Jun 9, 2025
    risk 0.28 · cvss 4.3 · epss 0.01

    A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function parseMessage of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the argument line leads to inefficient…

  • CVE-2026-22560 · Medium · Apr 10, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint.

  • CVE-2026-29197 · Medium · Apr 24, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    In versions <8.4.0, <8.3.2, <8.2.2, <8.1.3, <8.0.4, <7.13.6, <7.12.7, <7.11.7, and <7.10.10, the endpoints /api/apps/logs and /api/apps/:id/logs have a typo in the required permission check, allowing authenticated users without the proper permissions to read apps-engine logs.

  • CVE-2021-22911 · May 27, 2021
    risk 0.10 · cvss n/a · epss 0.95

    An improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.

  • CVE-2020-28208 · Jan 8, 2021
    risk 0.04 · cvss n/a · epss 0.11

    An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1.

  • CVE-2026-55762 · Jun 24, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, the POST /api/v1/fingerprint REST endpoint enforces authentication (authRequired: true) but performs no authorization check. Any…

  • CVE-2026-55759 · Jun 24, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, Rocket.Chat's Apple Sign-In handler verifies JWT signatures but skips claims validation. Any Apple-signed JWT with a non-empty iss…

  • CVE-2026-55666 · Jun 24, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, in apps/meteor/app/apple/server/loginHandler.ts, handleIdentityToken parses a JWT issued by Apple during the OAuth flow. The try…

  • CVE-2026-49278 · Jun 24, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, in the visitors.info endpoint, https://developer.rocket.chat/apidocs/get-visitor-information-by-id-1, token is returned in…

  • CVE-2026-49277 · Jun 24, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, Rocket.Chat does not revoke OAuth bearer or refresh tokens when a user is deactivated. A deactivated user can continue using…

  • CVE-2026-45757 · Jun 24, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, Rocket.Chat allows users deactivated through users.deactivateIdle to keep using already-issued login tokens. A user that an…

  • CVE-2026-46423 · Jun 24, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's SAML service provider implementation silently skips both SAML Response and Assertion signature validation when…

  • CVE-2026-45689 · Jun 24, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, an unauthenticated network attacker obtains a valid Rocket.Chat OAuth access token for an arbitrary user by sending a single…

  • CVE-2026-45688 · Jun 24, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's CAS login handler forwards the client-supplied options.cas.credentialToken value straight into a MongoDB…

  • CVE-2026-45687 · Jun 24, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's sendFileMessage DDP method passes the entire attacker-supplied file object into Uploads.updateFileComplete,…

  • CVE-2026-45677 · Jun 24, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's SAML integration does not verify the signature on inbound LogoutRequest messages. An unauthenticated remote…

  • CVE-2026-47733 · Jun 24, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, the ImageElement component in packages/gazzodown renders user-controlled src values directly into and attributes without protocol sanitization. Unlike the…

  • CVE-2026-48616 · Jun 16, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat versions <8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, 7.13.9, 7.10.13 have an access control vulnerability in Livechat files. Protected file downloads at /file-upload/:fileId/:name authorize livechat access using rc_room_type=l with rc_rid+rc_token, but the…

  • CVE-2026-48929 · Jun 16, 2026
    risk 0.00 · cvss n/a · epss 0.01

    Rocket.Chat in versions <8.5.1, <8.4.4, <8.3.6, <8.2.6, <8.1.6, <8.0.7, <7.13.9, and <7.10.13 is vulnerable to unauthenticated file deletion. The deleteFileMessage Meteor method permanently deletes any uploaded file by ID without requiring authentication. When called via an…

  • CVE-2026-30833 · Mar 6, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.10.8, 7.11.5, 7.12.5, 7.13.4, 8.0.2, 8.1.1, and 8.2.0, a NoSQL injection vulnerability exists in Rocket.Chat's account service used in the ddp-streamer micro service that…

  • CVE-2026-30831 · Mar 6, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.10.8, 7.11.5, 7.12.5, 7.13.4, 8.0.2, 8.1.1, and 8.2.0, authentication vulnerabilities exist in Rocket.Chat's enterprise DDP Streamer service. The Account.login method exposed…

  • CVE-2026-28514 · Mar 6, 2026
    risk 0.00 · cvss n/a · epss 0.01

    Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.8.6, 7.9.8, 7.10.7, 7.11.4, 7.12.4, 7.13.3, and 8.0.0, a critical authentication bypass vulnerability exists in Rocket.Chat's account service used in the ddp-streamer micro…

  • CVE-2026-23477 · Jan 14, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat is an open-source, secure, fully customizable communications platform. In Rocket.Chat versions up to 6.12.0, the API endpoint GET /api/v1/oauth-apps.get is exposed to any authenticated user, regardless of their role or permissions. This endpoint returns an OAuth…

  • CVE-2025-7974 · Sep 2, 2025
    risk 0.00 · cvss n/a · epss 0.00

    rocket.chat Incorrect Authorization Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of rocket.chat. Authentication is not required to exploit this vulnerability. The specific flaw…

  • CVE-2024-46935 · Sep 24, 2024
    risk 0.00 · cvss n/a · epss 0.01

    Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser.

  • CVE-2024-47048 · Sep 24, 2024
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the description and release notes of the marketplace and private apps.

  • CVE-2024-46934 · Sep 24, 2024
    risk 0.00 · cvss n/a · epss 0.00

    Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to DOM-based Cross-site Scripting (XSS). Attackers may be able to abuse the UpdateOTRAck method to forge a message that contains an XSS payload.

  • CVE-2024-45621 · Sep 2, 2024
    risk 0.00 · cvss n/a · epss 0.00

    The Electron desktop application of Rocket.Chat through 6.3.4 allows stored XSS via links in an uploaded file, related to failure to use a separate browser upon encountering third-party external actions from PDF documents.

  • CVE-2024-39713 · Aug 5, 2024
    risk 0.00 · cvss n/a · epss 0.03

    A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1.

  • CVE-2023-28359 · May 11, 2023
    risk 0.00 · cvss n/a · epss 0.01

    A NoSQL injection vulnerability has been identified in the listEmojiCustom method call within Rocket.Chat. This can be exploited by unauthenticated users when there is at least one custom emoji uploaded to the Rocket.Chat instance. The vulnerability causes a delay in the server…

  • CVE-2023-28325 · May 11, 2023
    risk 0.00 · cvss n/a · epss 0.00

    An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room.

  • CVE-2023-28357 · May 11, 2023
    risk 0.00 · cvss n/a · epss 0.00

    A vulnerability has been identified in Rocket.Chat, where the ACL checks in the Slash Command /mute occur after checking whether a user is a member of a given channel, leaking private channel members to unauthorized users. This allows authenticated users to enumerate whether a…

  • CVE-2023-28358 · May 11, 2023
    risk 0.00 · cvss n/a · epss 0.00

    A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled, possibly leading to some issues attacks like account…

  • CVE-2023-28356 · May 11, 2023
    risk 0.00 · cvss n/a · epss 0.01

    A vulnerability has been identified where a maliciously crafted message containing a specific chain of characters can cause the chat to enter a hot loop on one of the processes, consuming ~120% CPU and rendering the service unresponsive.

  • CVE-2023-28317 · May 9, 2023
    risk 0.00 · cvss n/a · epss 0.00

    A vulnerability has been discovered in Rocket.Chat, where editing messages can change the original timestamp, causing the UI to display messages in an incorrect order.

  • CVE-2023-28318 · May 9, 2023
    risk 0.00 · cvss n/a · epss 0.00

    A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices.

  • CVE-2023-28316 · May 9, 2023
    risk 0.00 · cvss n/a · epss 0.01

    A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat platform, where other active sessions are not invalidated upon activating 2FA. This could potentially allow an attacker to maintain access to a compromised account even after 2FA is…

  • CVE-2023-23911 · Mar 10, 2023
    risk 0.00 · cvss n/a · epss 0.00

    An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room.

  • CVE-2023-23917 · Feb 23, 2023
    risk 0.00 · cvss n/a · epss 0.01

    A prototype pollution vulnerability exists in Rocket.Chat server <5.2.0 that could allow an attacker to achieve RCE under the admin account. Any user can create their own server in your cloud and become an admin, so this vulnerability could affect the cloud infrastructure. This attack…

  • CVE-2022-32217 · Sep 23, 2022
    risk 0.00 · cvss n/a · epss 0.01

    A cleartext storage of sensitive information exists in Rocket.Chat <v4.6.4 due to the OAuth token being leaked in plaintext in Rocket.Chat logs.

  • CVE-2022-32211 · Sep 23, 2022
    risk 0.00 · cvss n/a · epss 0.01

    A SQL injection vulnerability exists in Rocket.Chat <v3.18.6, <v4.4.4 and <v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret.

Page 1 of 2