📦 Conduit

This vulnerability in Conduit's Client-Server API allows unauthorized users to manipulate room aliases, including moving the #admins alias to a controlled room. This enables privilege escalation to pe...

CVE-2024-6302 is a privilege escalation vulnerability in Conduit Matrix servers where local users can redact any message from users on the same server without proper authorization checks. This affects...

This vulnerability in Conduit's federation API allows remote servers to impersonate users from any server in most EDU (Education) environments due to insufficient origin validation. It affects Conduit...