Matrix recently patched five vulnerabilities in its end-to-end encryption — two of them critical — that have the ability to break the confidentiality and authentication of messages.
If not patched, these vulnerabilities would let a malicious server read user messages and impersonate devices.