Rocket.chat
This hub aggregates every CVE we track for Rocket.chat, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
67
CVEs tracked
10
Critical
16
High
0
In CISA KEV
Severity distribution
MEDIUM41HIGH16CRITICAL10
Monthly trend
1
4
0
0
0
0
0
0
0
0
1
0
0
1
0
0
0
1
0
0
3
2
9
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Rocket.chat.
- CVE-2026-55762Rocket.Chat: Any Authenticated User Can Permanently Deregister Workspace from Rocket.Chat Cloud via Unprotected `/api/v1/fingerprint` Endpoint8.1
- CVE-2026-55759Rocket.Chat: Apple Sign-In skips JWT claims validation, allowing expired and cross-audience token replay7.4
- CVE-2026-49278Rocket.Chat: Livechat Visitor Profile Disclosure Leaks Bearer Token and Enables Visitor Impersonation6.7
- CVE-2026-45689Rocket.Chat: Pre-Auth NoSQL Injection in OAuth2 Token Endpoint leading to Arbitrary User ATO9.1
- CVE-2026-45688Rocket.Chat: Pre-Auth NoSQL Injection in CAS Login Handler leading to Arbitrary CAS/SAML User Session Hijack9.1
- CVE-2026-45687Rocket.Chat: Authenticated Arbitrary Data Export Theft via Mass Assignment in sendFileMessage8.5
- CVE-2026-47733Rocket.Chat: Missing URL protocol sanitization in ImageElement allows javascript: URLs in markdown images4.4
- CVE-2026-48929Rocket.Chat in versions <8.5.1, <8.4.4, <8.3.6, <8.2.6, <8.1.6, <8.0.7, <7.13.9, and <7.10.13 is vulnerable to unauthenticated file deletion. The deleteFileMessage Meteor method permanently deletes...7.5
- CVE-2026-48616Rocket.Chat versions <8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, 7.13.9, 7.10.13 has an access control vulnerability in Livechat files. Protected file downloads at /file-upload/:fileId/:name authori...9.3
- CVE-2026-32995The Rocket.Chat DDP method autoTranslate.translateMessage in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.5, <7.13.8, and <7.10.12 accepts a client-supplied IMessage object and passes it d...7.5
- CVE-2026-32994The /api/v1/autotranslate.translateMessage endpoint in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.6, <7.13.8, and <7.10.12 allows any authenticated user to retrieve the full content of a...5.3
- CVE-2026-29197In versions <8.4.0, <8.3.2, <8.2.2, <8.1.3, <8.0.4, <7.13.6, <7.12.7, <7.11.7, and <7.10.10, the endpoints /api/apps/logs and /api/apps/:id/logs have a typo in the required permission check, allowi...4.3
- CVE-2026-29198In Rocket.Chat <8.3.0, <8.2.1, <8.1.2, <8.0.3, <7.13.5, <7.12.6, <7.11.6, and <7.10.9, a NoSQL injection vulnerability can lead to account takeover of the first user with a generated token when an ...9.8
- CVE-2026-22560An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint.5.3
- CVE-2026-23477Rocket.Chat Unauthorized Access to OAuth App Details7.7
Product normalization is registry-driven with AI assist and human review. How it works