Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

A file access vulnerability in Rocket.Chat, tracked as CVE-2026-30833, allows attackers to predict MongoDB ObjectId values and potentially enumerate or access files that should be restricted. The flaw was reported by Aikido Security and affects organizations running Rocket.Chat as their internal or customer-facing communications platform. Affected version ranges have not yet been confirmed by NVD; organizations should treat any production Rocket.Chat deployment as potentially exposed until vendor guidance is published.

Author

Tech Jacks Solutions