CVE-2026-28759
- EPSS 0.15%
- Veröffentlicht 18.05.2026 06:50:07
- Zuletzt bearbeitet 18.05.2026 19:17:19
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to validate that a remote cluster has access to a channel before processing membership removal requests during shared channel membership sync, which allows a malicious r...
CVE-2026-6334
- EPSS 0.12%
- Veröffentlicht 18.05.2026 06:33:56
- Zuletzt bearbeitet 29.05.2026 19:11:30
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authenticated OAuth client to redeem authorization codes issued to a different clien...
CVE-2026-4053
- EPSS 0.17%
- Veröffentlicht 15.05.2026 18:42:47
- Zuletzt bearbeitet 18.05.2026 18:37:37
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to enforce the PostEditTimeLimit on non-message post fields which allows an authenticated user to modify post file attachments, props, and pin status after the edit window has expired via...
CVE-2026-4054
- EPSS 0.24%
- Veröffentlicht 15.05.2026 18:32:44
- Zuletzt bearbeitet 18.05.2026 18:36:00
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 Fail to validate the response body of proxied images, which allows a remote attacker to enact client-side DoS via an SVG file served from an attacker-controlled origin under ...
CVE-2026-3590
- EPSS 0.15%
- Veröffentlicht 15.04.2026 11:00:14
- Zuletzt bearbeitet 22.04.2026 19:41:52
Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker with access to a valid magic link to establish multiple i...
CVE-2026-28741
- EPSS 0.13%
- Veröffentlicht 15.04.2026 10:13:33
- Zuletzt bearbeitet 22.04.2026 19:42:25
Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2 fail to validate CSRF tokens on an authentication endpoint which allows an attacker to update a user's authentication method via a CSRF attack by tricking a...
CVE-2026-27769
- EPSS 0.17%
- Veröffentlicht 15.04.2026 10:11:07
- Zuletzt bearbeitet 22.04.2026 19:43:52
Mattermost versions 10.11.x <= 10.11.12 fail to validate whether users were correctly owned by the correct Connected Workspace which allows a malicious remote server connected using the Conntexted Workspaces feature to change the displayed status of ...
CVE-2026-24661
- EPSS 0.31%
- Veröffentlicht 09.04.2026 10:12:45
- Zuletzt bearbeitet 17.04.2026 20:31:03
Mattermost Plugins versions <=2.1.3.0 fail to limit the request body size on the {{/changes}} webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service via sending an oversized JSON payload. Mattermost A...
CVE-2026-21388
- EPSS 0.31%
- Veröffentlicht 09.04.2026 10:09:23
- Zuletzt bearbeitet 25.04.2026 18:02:06
Mattermost Plugins versions <=2.3.1 fail to limit the request body size on the {{/lifecycle}} webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service via sending an oversized JSON payload. Mattermost A...
CVE-2026-3524
- EPSS 0.38%
- Veröffentlicht 06.04.2026 12:06:22
- Zuletzt bearbeitet 07.04.2026 13:20:35
Mattermost Plugin Legal Hold versions <=1.1.4 fail to halt request processing after a failed authorization check in ServeHTTP which allows an authenticated attacker to access, create, download, and delete legal hold data via crafted API requests to t...