Today we have released Element Desktop v1.11.45 which fixes CVE-2023-5217, a high severity vulnerability caused by the Electron dependency.
The vulnerability potentially allows a remote attacker to control program execution by sending a specially crafted malicious video.
We encourage users to upgrade as soon as possible.
If you use Element Web (e.g. by going to app.element.io in your browser) this does not affect you; this does not apply to Element's mobile apps either.