Sensitive Information Disclosure in Mattermost Desktop App by Mattermost
CVE-2025-13321

3.3LOW

Key Information:

Vendor

Mattermost
Status
Mattermost
Vendor
CVE Published:
17 December 2025

What is CVE-2025-13321?

The Mattermost Desktop App prior to version 6.0.0 is susceptible to a vulnerability that enables an attacker with access to a user's system to read application logs. These logs may contain sensitive information that has not been adequately sanitized or removed upon server deletion. This oversight poses a risk of exposing sensitive user data, potentially leading to unauthorized access and information leaks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Mattermost 0 <= 6.0.0

Mattermost 6.0.0

References

https://mattermost.com/security-updates

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Doyensec
JSON
.