Vulnerabilities > Rocket Chat > Rocket Chat > 5.0.0

DATE CVE VULNERABILITY TITLE RISK
2023-03-10 CVE-2023-23911 Inadequate Encryption Strength vulnerability in Rocket.Chat
An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room.
network
low complexity
rocket-chat CWE-326
7.5
2023-02-23 CVE-2023-23917 Unspecified vulnerability in Rocket.Chat
A prototype pollution vulnerability exists in Rocket.Chat server <5.2.0 that could allow an attacker to a RCE under the admin account.
network
low complexity
rocket-chat
8.8