Mattermost Latest Vulnerabilities
Latest vulnerabilities published by mattermost
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
CVE-2026-6961: Path traversal via unsanitized FileInfo.Name in Mattermost federation sync
CVE-2026-6961MattermostMattermost7.6HIGHMattermost group syncable endpoints allow privilege escalation via scheme_admin
CVE-2026-7387MattermostMattermost8.8HIGHPlugin bot username conflict allows user account to be used as bot identity in Mattermost Server
CVE-2026-6046MattermostMattermost5.3MEDIUM*Missing* {{invite_user}} *permission check on team creation allows unprivileged users to set open-invite and allowed-domains team settings*
CVE-2026-6689MattermostMattermost4.3MEDIUMMattermost Remote Cluster PATCH API Leaks Authentication Tokens
CVE-2026-7184MattermostMattermost6.5MEDIUMMattermost: Delegated admins could patch protected default system roles
CVE-2026-6739MattermostMattermost6.7MEDIUMMattermost fails to scope role_updated websocket events to authorized team and channel members
CVE-2026-3433MattermostMattermost4.3MEDIUMFile Path Vulnerability in Mattermost by Mattermost Inc.
CVE-2026-6957MattermostMattermost8HIGHDenial of Service Vulnerability in Mattermost Software by Mattermost
CVE-2026-4915MattermostMattermost6.5MEDIUMOAuth Token Scope Validation Flaw in Mattermost
CVE-2026-28735MattermostMattermost5.4MEDIUMChannel Archiving Flaw in Mattermost Affects Multiple Versions
CVE-2026-4635MattermostMattermost6.5MEDIUMFile Access Vulnerability in Mattermost by Mattermost Inc.
CVE-2026-3473MattermostMattermost5.9MEDIUMAPI Request Handler Vulnerability in Mattermost Applications
CVE-2026-4646MattermostMattermost4.3MEDIUMImproper Data Sanitization in Mattermost API for Team Member Information
CVE-2026-3636MattermostMattermost4.3MEDIUMWebSocket Message Parsing Flaw in Mattermost Server by Mattermost
CVE-2026-5740MattermostMattermost7.5HIGHDenial of Service Vulnerability in Mattermost Product from Mattermost
CVE-2026-5308MattermostMattermost4.9MEDIUMDenial of Service Vulnerability in Mattermost by Mattermost
CVE-2026-5755MattermostMattermost6.5MEDIUMSSO Authentication Flaw in Mattermost Mobile Apps
CVE-2026-22880MattermostMattermost6.1MEDIUMPath Traversal Vulnerability in Mattermost by Mattermost Inc.
CVE-2026-4858MattermostMattermost8HIGHVulnerability in Mattermost Team Management Permissions
CVE-2026-4055MattermostMattermost4.3MEDIUMVulnerability in Mattermost Desktop App Allows Remote Crash
CVE-2026-3471MattermostMattermost6.5MEDIUMDenial of Service Vulnerability in Mattermost Desktop App
CVE-2026-4643MattermostMattermost3.5LOWHost Header Spoofing Vulnerability in Mattermost by Mattermost
CVE-2026-6333MattermostMattermost3.5LOWUser Password Disclosure in Mattermost by Mattermost Inc.
CVE-2026-6345MattermostMattermost6.5MEDIUMSensitive Credential Exposure in Mattermost by Mattermost
CVE-2026-6346MattermostMattermost8.7HIGH