CVE security advisories and vulnerability history for rocket.chat by rocketchat.
51
Total CVEs
Published
0
In CISA KEV
Exploited in the wild
16
Public exploits
With known exploit
5.9
Avg CVSS
2017–2026
Last updated
Overview
rocketchat rocket.chat has 51 published CVE records since 2017, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 16 have a known public exploit. The average CVSS base score across scored CVEs is 5.9.
This page aggregates every publicly disclosed vulnerability (CVE) affecting rocketchat rocket.chat, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.
Severity and exploitation
How the CVSS severity of rocketchat rocket.chat's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.
Critical1
High8
Medium24
Low1
17 additional CVEs have no CVSS severity score.
In CISA’s Known Exploited Vulnerabilities catalog
0
None of rocketchat rocket.chat's CVEs are currently listed in CISA's KEV catalog.
Public exploits
16
16 of rocketchat rocket.chat's CVEs have a known public exploit available.
Affected versions and CVEs
Browse every rocketchat rocket.chat version named in a CVE, then pick one to see only the CVEs that affect it.
Common questions about rocketchat rocket.chat vulnerabilities.
How many CVEs does rocketchat rocket.chat have?
rocketchat rocket.chat has 51 published CVE records since 2017.
How many rocketchat rocket.chat CVEs are in CISA KEV?
None of rocketchat rocket.chat's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.
Are there public exploits for rocketchat rocket.chat vulnerabilities?
Yes — 16 of rocketchat rocket.chat's CVEs have a known public exploit.
Which versions of rocketchat rocket.chat are affected?
1,032 distinct rocketchat rocket.chat versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.
What are the most common weakness types in rocketchat rocket.chat CVEs?
rocketchat rocket.chat's CVEs most often map to these CWE weakness types: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')), CWE-75 (Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)).
How many critical rocketchat rocket.chat vulnerabilities are there?
rocketchat rocket.chat has 1 critical and 8 high-severity CVEs.
What is the average severity of rocketchat rocket.chat CVEs?
The average CVSS base score across rocketchat rocket.chat's scored CVEs is 5.9.
