Alarm raised over ‘high-severity’ vulnerabilities in Matrix messaging protocol

The nonprofit Matrix Foundation, behind the federated communications protocol of the same name, announced this week that it had patched what it described as two high-severity vulnerabilities that could have had catastrophic impact if exploited by sufficiently malicious actors.

According to the off-cycle security release, the bugs could have been exploited in attacks that allowed malicious actors to seize control of classified discussion spaces, which numerous governments use Matrix for.

It is not clear how the vulnerabilities were discovered. The Matrix Foundation did not state whether it was aware of exploitation in the wild.

The update was described as “an exceptionally complicated project to coordinate” by the protocol’s co-founder and chief executive Matthew Hodgson, who added “its security implications required us to deviate from our usual [Matrix Spec Change] process and develop the changes under embargo.”

Unlike end-to-end encrypted messaging apps like WhatsApp and Signal, the Matrix protocol is an open standard that end-users can implement themselves and run on their own servers.

It is widely used by governments and enterprises, including within the French government’s instant messaging service Tchap, by the German armed forces and by numerous other public sector entities in Europe, all of which will deploy it to handle what they regard as sensitive information.

An alarm about the high-severity bugs was raised in a pre-disclosure last month, when Matrix said it had shared the details and the fixes under embargo with all known entities running their own implementations of the protocol.

Despite the initial intention that all users would get the changes implemented within six days, Matrix subsequently pushed the full disclosure back to a full month given concerns about the time to test the changes.

As disclosed in full this week, the first issue was identified as CVE-2025-49090, which has not yet been assigned a CVSS severity score. It affects the way rooms are controlled, allowing a malicious administrator, for instance one within a government agency’s IT system, to remove the permissions set by the official who created the channel.

In practice, this could be used to disrupt official communications within a crisis, to control the discussion space within a classified channel, or to direct the members of that channel to another room that is running a hostile version of the protocol under the malicious actor’s control.

This has been fixed by elevating the privileges given to the person who created the room in the way that any subsequent 

The second bug, which has not been assigned a CVE number, affects how room IDs are generated. Although every Matrix room has a unique pseudo-random ID, in certain circumstances, an attacker would be able to predict what ID would be generated for that room.

In that case, the attacker could pre-create the room or potentially join a sensitive channel if the proper protections hadn’t been applied, setting it up so that it ran under the malicious attacker’s own rules — potentially facilitating exfiltration of sensitive information, or disrupting incident response communications at the time of a crisis.

To fix this bug, the protocol is now generating room IDs using an unpredictable cryptographic hash.
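As an added illustration of the hash-based approach described above (example code, not the Matrix Foundation’s or any homeserver’s own implementation), the sketch below derives a room ID from a SHA-256 hash of the room’s creation event and shows the check a receiving server can perform: a claimed creation event is accepted for a room only if hashing it reproduces the room ID, so an ID cannot be claimed for a room before its creation event exists. The event fields, the exact set of fields hashed and the encoding are assumptions for this example; the real specification defines its own canonical form.

```python
import base64
import hashlib
import json

# Constructed sample creation event for illustration only (not a real room).
SAMPLE_CREATE_EVENT = {
    "type": "m.room.create",
    "sender": "@alice:example.org",
    "origin_server_ts": 1718000000000,
    "content": {"creator": "@alice:example.org", "room_version": "12"},
}


def canonical_json(obj) -> bytes:
    """Canonical JSON: sorted keys, no insignificant whitespace, UTF-8 bytes.
    Both sides must hash byte-identical input for the check to work."""
    return json.dumps(
        obj, sort_keys=True, separators=(",", ":"), ensure_ascii=False
    ).encode("utf-8")


def unpadded_base64url(raw: bytes) -> str:
    """URL-safe base64 with the '=' padding stripped."""
    return base64.urlsafe_b64encode(raw).decode("ascii").rstrip("=")


def room_id_from_create_event(event: dict) -> str:
    """Derive the room ID as '!' followed by the SHA-256 digest of the
    creation event (assumption: simplified hashing of the whole event)."""
    digest = hashlib.sha256(canonical_json(event)).digest()
    return "!" + unpadded_base64url(digest)


def create_event_matches_room(event: dict, claimed_room_id: str) -> bool:
    """Defender-side check: only accept a creation event for a room if it
    hashes to that room's ID. Any change to the event (sender, timestamp,
    content) yields a different ID, so a forged or pre-made event cannot
    be bound to an existing room's ID."""
    return room_id_from_create_event(event) == claimed_room_id
```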

The foundation has warned that room upgrades are going to be disruptive for users and stressed that entities running implementations of the protocol will need to test their rollout before getting started. It has provided guidance to clients.
