Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.10.x <= 10.10.0, 10.9.x <= 10.9.3 fail to validate import data which allows a system admin to crash the server via the bulk import feature.
References
| Link | Resource |
|---|---|
| https://mattermost.com/security-updates | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
01 Oct 2025, 20:23
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Mattermost mattermost Server
Mattermost |
|
| References | () https://mattermost.com/security-updates - Vendor Advisory | |
| CPE | cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:* cpe:2.3:a:mattermost:mattermost_server:10.10.0:-:*:*:*:*:*:* |
22 Aug 2025, 18:08
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
21 Aug 2025, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-08-21 17:15
Updated : 2025-10-01 20:23
NVD link : CVE-2025-8402
Mitre link : CVE-2025-8402
CVE.ORG link : CVE-2025-8402
JSON object : View
Products Affected
mattermost
- mattermost_server