CVE-2026-42553 | Severity: HIGH | CNA: GitHub_M

CVE-2026-42553: Cinny: Access token disclosure via invalidated emoji pack avatar URL in service worker

Cinny is a Matrix client. Prior to 4.10.3, a remote authenticated attacker who shares a room with a victim and has permission to create room emotes (for example in a DM) can cause the victim's client to send its Matrix access token to an attacker-controlled server. This occurs when the victim opens the emoji or sticker picker for the room containing a malicious emote pack. The cause is twofold. First, an incorrect fallback in EmojiBoard uses the untrusted, user-controlled pack.meta.avatar without converting or validating it as an MXC URL, so arbitrary HTTP(S) URLs are accepted. Second, the service worker attaches the user's Authorization bearer token to every outbound GET request whose URL contains /_matrix/client/v1/media/download or /_matrix/client/v1/media/thumbnail, without verifying that the request host matches the configured homeserver origin. An attacker-controlled URL containing those path fragments, served with permissive CORS, therefore receives the victim's Authorization header (access token). This vulnerability is fixed in 4.10.3.

HarborGuard Analysis


Synopsis

This is an access token disclosure vulnerability in Cinny, a Matrix web client. A remote attacker who shares a room with a victim and holds room-emote creation permissions can plant a malicious emoji pack avatar pointing to an attacker-controlled URL; when the victim opens the emoji or sticker picker, the Cinny service worker appends the victim's Matrix Authorization bearer token to the outbound request because it matches on path fragments (/_matrix/client/v1/media/download or /_matrix/client/v1/media/thumbnail) without verifying the destination host. Successful exploitation gives the attacker a valid Matrix access token, enabling full account impersonation. HarborGuard tracks this advisory and will make a patched-image rebuild available the moment an upstream fix version is published.
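The two defects described in the advisory text and the synopsis above, shown side by side as an added illustration (this is not Cinny's source code): the path-substring check that attaches the token to any host, a host-bound replacement, and an avatar fallback that accepts only mxc:// URIs. The media endpoint paths come from the advisory; the homeserver origin, function names and sample values are constructed for the example.

```javascript
// Added example, not Cinny's code. Paths below are the ones named in the advisory.
const MEDIA_PATHS = [
  "/_matrix/client/v1/media/download",
  "/_matrix/client/v1/media/thumbnail",
];

// Vulnerable pattern from the advisory: substring match on the whole URL, host ignored.
function attachesTokenVulnerable(requestUrl) {
  return MEDIA_PATHS.some((p) => requestUrl.includes(p));
}

// Hardened check (assumed shape of a fix): the request origin must equal the configured
// homeserver origin, and the pathname itself (not the query string) must start with a
// media endpoint, so a path fragment hidden in a query parameter does not qualify.
function attachesTokenFixed(requestUrl, homeserverOrigin) {
  let u;
  try {
    u = new URL(requestUrl);
  } catch {
    return false; // unparsable URL: never attach credentials
  }
  if (u.origin !== new URL(homeserverOrigin).origin) return false;
  return MEDIA_PATHS.some((p) => u.pathname.startsWith(p));
}

// Service-worker side: headers to add to an outbound GET; empty unless the check passes.
function authHeadersFor(requestUrl, homeserverOrigin, token) {
  const headers = {};
  if (attachesTokenFixed(requestUrl, homeserverOrigin)) {
    headers.Authorization = `Bearer ${token}`;
  }
  return headers;
}

// Avatar fallback: accept only mxc://<server>/<mediaId> and map it onto the homeserver's
// thumbnail endpoint. Plain http(s), data: or malformed values yield null, so the picker
// shows no image rather than fetching an arbitrary attacker-chosen URL.
function avatarToThumbnailUrl(avatar, homeserverOrigin) {
  if (typeof avatar !== "string") return null;
  const m = /^mxc:\/\/([A-Za-z0-9.\-]+(?::\d{1,5})?)\/([A-Za-z0-9_\-]+)$/.exec(avatar);
  if (!m) return null;
  const origin = new URL(homeserverOrigin).origin;
  return `${origin}${MEDIA_PATHS[1]}/${encodeURIComponent(m[1])}/${encodeURIComponent(m[2])}` +
    "?width=32&height=32&method=crop";
}
```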

HarborGuard Coverage

Detection

Detection of CVE-2026-42553 is available across every HarborGuard environment; the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images that bundle Cinny, in active registry scans and CI pipeline checks.

Status: Available
Triage

HarborGuard scores this finding at CVSS 7.1 (HIGH) and weights it against each environment's configured compliance policy, routing alerts to the appropriate team inbox within the customer organization based on image ownership and policy severity thresholds.

Status: Available
Patch

Because no fix version has been published yet, HarborGuard re-checks the Cinny advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment version 4.10.3 or a later upstream fix is released. For customers with auto-remediation enabled, the rebuild, regression run, and PR against affected workloads will be triggered without manual intervention as soon as the fix lands upstream.

Status: Pending upstream

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the victim's Cinny instance over the network and must share a Matrix room with the victim to deliver the malicious emoji pack.

  • Authentication: Required

    The attacker must hold a valid Matrix account with room-emote creation permissions in a shared room; any low-privilege account meeting that criterion is sufficient.

  • Victim interaction: Not required

    No explicit victim action beyond opening the emoji or sticker picker in the affected room is required; no social-engineering step is needed beyond the attacker being in the same room.

  • Attack complexity

    Exploit conditions are reliable and largely free of environmental constraints; the attacker simply sets a crafted avatar URL and waits for the victim to open the picker.

Blast Radius

  • The attacker receives the victim's Matrix access token in the Authorization header of the forged request.
  • With the stolen token the attacker can impersonate the victim across the entire Matrix homeserver, reading all room history the account can access.
  • The attacker can send messages, modify room state, and perform any API action the victim's account is authorized for.

How HarborGuard Handles This

Available on HarborGuard: because no upstream fix version exists for CVE-2026-42553 at this time, HarborGuard continuously re-checks the Cinny advisory on every ingest cycle and will surface a patched-image rebuild the moment version 4.10.3 or a later fix is published upstream. In the interim, customers can apply compensating controls through HarborGuard policy rules: network-policy isolation to restrict outbound requests from Cinny deployments to the configured homeserver origin only, and egress filtering to block requests to arbitrary HTTPS destinations that match Matrix media path fragments. For customers with auto-remediation enabled, once an upstream fix is available, HarborGuard will trigger a rebuild, run regression tests, and open a PR against affected workloads automatically. Customers without auto-remediation will receive a prioritized alert routed through their configured compliance policy as soon as the fix version is ingested.


Metrics

CVSS v4.0: 7.1
Severity: HIGH
Fixed in:
Affected Products: 1
Affected packages:
  • cinnyapp / cinny < 4.10.3
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N