CVE Catalog

CVE-2026-13350

LowCVSS 2.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

7th percentile — higher than 7% of all known CVEs

Summary

Permissions were checked incorrectly during room creation, allowing attackers to create rooms of types they shouldn't be allowed to create.

Risk Assessment

An attacker can escalate privileges by creating unauthorized rooms, potentially leading to security policy violations and uncontrolled access to resources.

Recommendation

Update the software to a version that fixes the permission validation during room creation, and audit existing rooms for unauthorized entries.

Original NVD description (English source)

Permissions where checked incorrectly during room creation, allowing attackers to create rooms of types they shouldn't be allowed to create.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS