Skip to main content

Cinny CVE-2026-42553

| EUVDEUVD-2026-32612 HIGH
Improper Input Validation (CWE-20)
2026-05-07 https://github.com/cinnyapp/cinny GHSA-j944-w549-3453
7.1
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.1 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

7
Analysis Updated
May 27, 2026 - 19:44 vuln.today
v3 (cvss_changed)
Analysis Updated
May 27, 2026 - 19:44 vuln.today
v2 (cvss_changed)
Re-analysis Queued
May 27, 2026 - 19:37 vuln.today
cvss_changed
CVSS changed
May 27, 2026 - 19:37 NVD
7.1 (HIGH)
Source Code Evidence Fetched
May 07, 2026 - 17:31 vuln.today
Analysis Generated
May 07, 2026 - 17:31 vuln.today
CVE Published
May 07, 2026 - 16:40 nvd
HIGH

DescriptionGitHub Advisory

Impact

A remote authenticated attacker who shares a room with a victim and has permissions to create room emotes (for example in a DM) can cause the victim's client to send their Matrix access token to an attacker-controlled server. This occurs when the victim opens the emoji or sticker picker for the room containing a malicious emote pack.

The root causes are:

(1) an incorrect fallback in EmojiBoard that uses untrusted pack.meta.avatar (user-controlled) without converting/validating it as an MXC URL, allowing arbitrary HTTP(S) URLs to be used; and

(2) the service worker attaching the user's Authorization bearer token to all outbound GET requests whose URL contains /_matrix/client/v1/media/download or /_matrix/client/v1/media/thumbnail without verifying the request host matches the configured homeserver origin. An attacker-controlled URL containing those path fragments and permissive CORS will receive the victim's Authorization header (access token).

Impacted users: anybody using affected Cinny web app versions who opens the emoji/sticker picker in a room containing a malicious emote pack and who is logged in (authenticated).

Patches

Version with fixes: https://github.com/cinnyapp/cinny/releases/tag/v4.10.3

AnalysisAI

Matrix access token disclosure in the Cinny web client (versions before 4.10.3) lets a remote authenticated attacker who shares a room with a victim and can create room emotes (e.g., in a DM) exfiltrate the victim's bearer access token to an attacker-controlled server. The token is leaked when the victim opens the emoji or sticker picker in a room containing a malicious emote pack, because a crafted pack avatar URL is fetched with the user's Authorization header attached. No public exploit has been identified at time of analysis, it is not listed in CISA KEV, and no EPSS score was provided; the vendor rates it CVSS 4.0 7.1 (confidentiality-only impact).

Technical ContextAI

Cinny is a Matrix client web application (pkg:npm/cinny) that uses a service worker to proxy authenticated media requests to the configured Matrix homeserver. Matrix media is normally referenced via MXC URIs (mxc://) that the client resolves into authenticated homeserver media-download endpoints. The flaw (CWE-20, Improper Input Validation) has two compounding root causes: first, the EmojiBoard component contains an incorrect fallback that consumes the user-controlled pack.meta.avatar value without converting or validating it as an MXC URL, so arbitrary http(s) URLs are accepted where an MXC reference was expected; second, the service worker attaches the user's Authorization bearer token to any outbound GET request whose URL merely contains the path fragments /_matrix/client/v1/media/download or /_matrix/client/v1/media/thumbnail, without verifying that the request host matches the configured homeserver origin. Combined, an attacker can supply an off-origin URL that contains those path fragments and serves permissive CORS headers to capture the leaked token.

RemediationAI

Vendor-released patch: 4.10.3 - upgrade Cinny to v4.10.3 or later (https://github.com/cinnyapp/cinny/releases/tag/v4.10.3), which adds validation to prevent an invalid mxc from being used and changes how session info is provided to the service worker. Because the vulnerability may already have exposed access tokens, the vendor explicitly advises every user to log out and log back in after updating to rotate the token; before logging out, ensure a working key backup exists or take a manual backup of encrypted chat keys, since logging out can otherwise cost access to encrypted messages. If immediate patching is not possible, compensating controls are limited but include advising users not to open the emoji or sticker picker in rooms or DMs with untrusted parties (trade-off: degrades a core UX feature and depends on user discipline) and, where the deployment is self-hosted, restricting who can create or upload room emote packs and rotating any potentially exposed tokens. Refer to advisory GHSA-j944-w549-3453 for full details.

Share

CVE-2026-42553 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy