In Rocket.Chat <8.3.0, <8.2.1, <8.1.2, <8.0.3, <7.13.5, <7.12.6, <7.11.6, and <7.10.9, a NoSQL injection vulnerability can lead to account takeover of the first user with a generated token when an OAuth app is configured.
References
| Link | Resource |
|---|---|
| https://github.com/RocketChat/Rocket.Chat/pull/39492 | Issue Tracking, Patch |
| https://hackerone.com/reports/3564655 | Third Party Advisory |
Configurations
Configuration 1
History
13 May 2026, 20:39
| Type | Values Removed | Values Added |
|---|---|---|
| First Time | | Rocket.chat rocket.chat; Rocket.chat |
| CPE | | cpe:2.3:a:rocket.chat:rocket.chat:8.3.0:rc0:*:*:*:*:*:*, cpe:2.3:a:rocket.chat:rocket.chat:8.3.0:rc1:*:*:*:*:*:*, cpe:2.3:a:rocket.chat:rocket.chat:8.3.0:rc2:*:*:*:*:*:*, cpe:2.3:a:rocket.chat:rocket.chat:8.3.0:rc3:*:*:*:*:*:*, cpe:2.3:a:rocket.chat:rocket.chat:8.3.0:rc4:*:*:*:*:*:*, cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:* |
| References | | https://github.com/RocketChat/Rocket.Chat/pull/39492 - Issue Tracking, Patch |
| References | | https://hackerone.com/reports/3564655 - Third Party Advisory |
23 Apr 2026, 18:16
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS | v2 : , v3 : | v2 : unknown, v3 : 9.8 |
| CWE | | CWE-89 |
23 Apr 2026, 00:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE | | |
Information
Published : 2026-04-23 00:16
Updated : 2026-05-13 20:39
NVD link : CVE-2026-29198
Mitre link : CVE-2026-29198
CVE.ORG link : CVE-2026-29198
Products Affected
rocket.chat
- rocket.chat
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
