Filtered by vendor Mattermost
Subscribe
Total
533 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-28736 | 1 Mattermost | 1 Focalboard | 2026-04-28 | N/A | 4.3 MEDIUM |
| ** UNSUPPORTED WHEN ASSIGNED ** Focalboard version 8.0 fails to validate file ownership when serving uploaded files. This allows an authenticated attacker who knows a victim's fileID to read the content of the file. NOTE: Focalboard as a standalone product is not maintained and no fix will be issued. | |||||
| CVE-2026-25773 | 1 Mattermost | 1 Focalboard | 2026-04-28 | N/A | 8.1 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering categories. An attacker can inject a malicious SQL payload into the category id field, which is stored in the database and later executed unsanitized when the category reorder API processes the stored value. This Second-Order SQL Injection (Time-Based Blind) allows an authenticated attacker to exfiltrate sensitive data including password hashes of other users. NOTE: Focalboard as a standalone product is not maintained and no fix will be issued. | |||||
| CVE-2026-21388 | 1 Mattermost | 1 Mattermost Server | 2026-04-25 | N/A | 3.7 LOW |
| Mattermost Plugins versions <=2.3.1 fail to limit the request body size on the {{/lifecycle}} webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service via sending an oversized JSON payload. Mattermost Advisory ID: MMSA-2026-00610 | |||||
| CVE-2026-27769 | 1 Mattermost | 1 Mattermost Server | 2026-04-22 | N/A | 2.7 LOW |
| Mattermost versions 10.11.x <= 10.11.12 fail to validate whether users were correctly owned by the correct Connected Workspace which allows a malicious remote server connected using the Conntexted Workspaces feature to change the displayed status of local users via the Connected Workspaces API.. Mattermost Advisory ID: MMSA-2026-00603 | |||||
| CVE-2026-28741 | 1 Mattermost | 1 Mattermost Server | 2026-04-22 | N/A | 6.8 MEDIUM |
| Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2 fail to validate CSRF tokens on an authentication endpoint which allows an attacker to update a user's authentication method via a CSRF attack by tricking a user into visiting a malicious page. Mattermost Advisory ID: MMSA-2026-00625 | |||||
| CVE-2026-3590 | 1 Mattermost | 1 Mattermost Server | 2026-04-22 | N/A | 6.5 MEDIUM |
| Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker with access to a valid magic link to establish multiple independent authenticated sessions via concurrent requests.. Mattermost Advisory ID: MMSA-2026-00624 | |||||
| CVE-2026-24661 | 1 Mattermost | 1 Mattermost | 2026-04-17 | N/A | 3.7 LOW |
| Mattermost Plugins versions <=2.1.3.0 fail to limit the request body size on the {{/changes}} webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service via sending an oversized JSON payload. Mattermost Advisory ID: MMSA-2026-00611 | |||||
| CVE-2026-3108 | 1 Mattermost | 1 Mattermost Server | 2026-03-30 | N/A | 8.0 HIGH |
| Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences that enable screen manipulation, fake prompts, and clipboard hijacking.. Mattermost Advisory ID: MMSA-2026-00599 | |||||
| CVE-2026-3112 | 1 Mattermost | 1 Mattermost Server | 2026-03-30 | N/A | 6.8 MEDIUM |
| Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to validate Advanced Logging file target paths which allows system administrators to read arbitrary host files via malicious AdvancedLoggingJSON configuration in support packet generation. Mattermost Advisory ID: MMSA-2025-00562 | |||||
| CVE-2026-3113 | 1 Mattermost | 1 Mattermost Server | 2026-03-30 | N/A | 5.0 MEDIUM |
| Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to set permissions on downloaded bulk export which allows other local users on the server to be able to read contents of the bulk export.. Mattermost Advisory ID: MMSA-2026-00593 | |||||
| CVE-2026-3114 | 1 Mattermost | 1 Mattermost Server | 2026-03-30 | N/A | 6.5 MEDIUM |
| Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to validate decompressed archive entry sizes during file extraction which allows authenticated users with file upload permissions to cause a denial of service via crafted zip archives containing highly compressed entries (zip bombs) that exhaust server memory.. Mattermost Advisory ID: MMSA-2026-00598 | |||||
| CVE-2026-3115 | 1 Mattermost | 1 Mattermost Server | 2026-03-30 | N/A | 4.3 MEDIUM |
| Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to apply view restrictions when retrieving group member IDs, which allows authenticated guest users to enumerate user IDs outside their allowed visibility scope via the group retrieval endpoint.. Mattermost Advisory ID: MMSA-2026-00594 | |||||
| CVE-2026-20719 | 1 Mattermost | 1 Mattermost Server | 2026-03-26 | N/A | 4.3 MEDIUM |
| Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to prevent rendering of external SVGs on link embeds which allows unauthenticated users to crash the Mattermost webapp and desktop app via creating an issue or PR on GitHub.. Mattermost Advisory ID: MMSA-2026-00595 | |||||
| CVE-2026-26233 | 1 Mattermost | 1 Mattermost Server | 2026-03-26 | N/A | 4.3 MEDIUM |
| Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to rate limit login requests which allows unauthenticated remote attackers to cause denial of service (server crash and restart) via HTTP/2 single packet attack with 100+ parallel login requests.. Mattermost Advisory ID: MMSA-2025-00566 | |||||
| CVE-2026-27656 | 1 Mattermost | 1 Mattermost Server | 2026-03-26 | N/A | 5.7 MEDIUM |
| Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to properly validate user identity in the OpenID {{IsSameUser()}} comparison logic, which allows an attacker to take over arbitrary user accounts via an overly permissive substring matching flaw in the user discovery flow.. Mattermost Advisory ID: MMSA-2026-00590 | |||||
| CVE-2026-27659 | 1 Mattermost | 1 Mattermost Server | 2026-03-26 | N/A | 4.6 MEDIUM |
| Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to properly validate CSRF tokens in the /api/v4/access_control_policies/{policy_id}/activate endpoint, which allows an attacker to trick an admin into changing access control policy active status via a crafted request.. Mattermost Advisory ID: MMSA-2026-00578 | |||||
| CVE-2026-4274 | 1 Mattermost | 1 Mattermost Server | 2026-03-26 | N/A | 5.4 MEDIUM |
| Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to restrict team-level access when processing membership sync from a remote cluster, which allows a malicious remote cluster to grant a user access to an entire private team instead of only the shared channel via sending crafted membership sync messages that trigger team membership assignment. Mattermost Advisory ID: MMSA-2026-00574 | |||||
| CVE-2026-1046 | 1 Mattermost | 1 Mattermost Desktop | 2026-03-23 | N/A | 7.6 HIGH |
| Mattermost Desktop App versions <=6.0 6.2.0 5.2.13.0 fail to validate help links which allows a malicious Mattermost server to execute arbitrary executables on a user’s system via the user clicking on certain items in the Help menu Mattermost Advisory ID: MMSA-2026-00577 | |||||
| CVE-2026-2461 | 1 Mattermost | 1 Mattermost Server | 2026-03-20 | N/A | 4.3 MEDIUM |
| Mattermost Plugins versions <=11.3 11.0.3 11.2.2 10.10.11.0 fail to implement authorisation checks on comment block modifications, which allows an authorised attacker with editor permission to modify comments created by other board members. Mattermost Advisory ID: MMSA-2025-00559 | |||||
| CVE-2026-2476 | 1 Mattermost | 1 Ms Teams | 2026-03-20 | N/A | 7.6 HIGH |
| Mattermost Plugins versions <=2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606 | |||||