Vulnerability Database

308,379

Total vulnerabilities in the database

CVE-2025-59047

matrix-sdk-base is the base component to build a Matrix client library. In matrix-sdk-base before 0.14.1, calling the RoomMember::normalized_power_level() method can cause a panic if a room member has a power level of Int::Min. The issue is fixed in matrix-sdk-base 0.14.1. The affected method isn’t used internally, so avoiding calling RoomMember::normalized_power_level() prevents the panic.

Published: Sep 11, 2025
Updated: Nov 17, 2025
CVE: CVE-2025-59047
GHSA: GHSA-qhj8-q5r6-8q6j
Severity: Low
Exploit:

No technical information available.

CWEs:

CWE-682

Affected Software
References

Software	From	Fixed in
matrix-sdk-base	-	0.14.1

https://github.com/matrix-org/matrix-rust-sdk/commit/ce3b67f801446387972ff120e907ca828a9f1207
https://github.com/matrix-org/matrix-rust-sdk/pull/5635
https://github.com/matrix-org/matrix-rust-sdk/releases/tag/matrix-sdk-base-0.14.1
https://github.com/matrix-org/matrix-rust-sdk/security/advisories/GHSA-qhj8-q5r6-8q6j
https://rustsec.org/advisories/RUSTSEC-2025-0065.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo