CVE-2025-5892

Medium CVSS: 5.3

A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function parseMessage of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the argument line leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Vendor

Rocket.chat

Product

Rocket.chat

CWE

CWE-400

Yayın Tarihi

2025-06-09 20:15:25

Güncelleme

2025-07-10 16:24:57

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-400 Rocket.chat MEDIUM Rocket.chat 2025

Referanslar

https://gist.github.com/mmmsssttt404/0fcda3b3e85edafc4eaa6816aa252deb https://github.com/RocketChat/Rocket.Chat/pull/35711 https://vuldb.com/?ctiid.311663 https://vuldb.com/?id.311663 https://vuldb.com/?submit.585751 https://github.com/RocketChat/Rocket.Chat/pull/35711

Benzer Kayıtlar

Medium

CVE-2026-30833

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.10.8, 7.11.5, 7.1…

High

CVE-2026-30831

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.10.8, 7.11.5, 7.1…

Critical

CVE-2026-28514

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.8.6, 7.9.8, 7.10.…

High

CVE-2026-23477

Rocket.Chat is an open-source, secure, fully customizable communications platform. In Rocket.Chat versions up to 6.12.0,…

High

CVE-2025-7974

rocket.chat Incorrect Authorization Information Disclosure Vulnerability. This vulnerability allows remote attackers to…