Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: mattermost Clear
ID Title
CVE-2026-3472 Vulnerability in mattermost (CVE-2026-3472)
vulnerability in mattermost (CVE-2026-3472). Risk of unauthorized operations or information disclosure.
CVE-2026-4339 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-4339)
SSRF in ssrf (CVE-2026-4339). Confidential information can be exposed externally.
CVE-2026-8823 Authorization Flaw in mattermost (CVE-2026-8823)
vulnerability in mattermost (CVE-2026-8823). Risk of unauthorized operations or information disclosure.
CVE-2026-9162 Vulnerability in mattermost (CVE-2026-9162)
vulnerability in mattermost (CVE-2026-9162). Risk of unauthorized operations or information disclosure.
CVE-2026-8074 Authorization Flaw in mattermost (CVE-2026-8074)
vulnerability in mattermost (CVE-2026-8074). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /api/v4/users/{id}/active`.
CVE-2026-6673 Vulnerability in mattermost (CVE-2026-6673)
vulnerability in mattermost (CVE-2026-6673). Data can be tampered with by attackers.
CVE-2026-6062 Vulnerability in mattermost (CVE-2026-6062)
vulnerability in mattermost (CVE-2026-6062). Confidential information can be exposed externally.
CVE-2026-5139 Vulnerability in mattermost (CVE-2026-5139)
vulnerability in mattermost (CVE-2026-5139). Risk of unauthorized operations or information disclosure.
CVE-2026-8683 Vulnerability in mattermost (CVE-2026-8683)
vulnerability in mattermost (CVE-2026-8683). Risk of unauthorized operations or information disclosure.
CVE-2026-6517 Vulnerability in mattermost (CVE-2026-6517)
vulnerability in mattermost (CVE-2026-6517). Confidential information can be exposed externally.
CVE-2026-6739 Authorization Flaw in mattermost (CVE-2026-6739)
vulnerability in mattermost (CVE-2026-6739). Confidential information can be exposed externally.
CVE-2026-3433 Information Disclosure in mattermost (CVE-2026-3433)
vulnerability in mattermost (CVE-2026-3433). Risk of unauthorized operations or information disclosure.
CVE-2026-7387 Authorization Flaw in mattermost (CVE-2026-7387)
vulnerability in mattermost (CVE-2026-7387). Successful exploitation can lead to full system takeover.
CVE-2026-6961 Path Traversal in path-traversal (CVE-2026-6961)
path traversal in path-traversal (CVE-2026-6961). Data can be tampered with by attackers.
CVE-2026-7184 Vulnerability in mattermost (CVE-2026-7184)
vulnerability in mattermost (CVE-2026-7184). Confidential information can be exposed externally.
CVE-2026-6046 Information Disclosure in mattermost (CVE-2026-6046)
vulnerability in mattermost (CVE-2026-6046). Confidential information can be exposed externally.
CVE-2026-6689 Vulnerability in mattermost (CVE-2026-6689)
vulnerability in mattermost (CVE-2026-6689). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v4/teams`.
CVE-2026-6957 Path Traversal in mattermost (CVE-2026-6957)
path traversal in mattermost (CVE-2026-6957). Successful exploitation can lead to full system takeover.
CVE-2026-4915 Vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4915)
vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4915). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.11.15` or later.
CVE-2026-4858 Path Traversal in github.com/mattermost/mattermost-server (CVE-2026-4858)
path traversal in github.com/mattermost/mattermost-server (CVE-2026-4858). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `10.11.15` or later.
CVE-2026-4055 Authorization Flaw in github.com/mattermost/mattermost/server/v8 (CVE-2026-4055)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-4055). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260320113102-f2b3d1c6a945` or later.
CVE-2026-6347 Information Disclosure in github.com/mattermost/mattermost-server (CVE-2026-6347)
vulnerability in github.com/mattermost/mattermost-server (CVE-2026-6347). Confidential information can be exposed externally. Mitigation: upgrade to `11.4.4` or later.
CVE-2026-4286 Authorization Flaw in github.com/mattermost/mattermost/server/v8 (CVE-2026-4286)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-4286). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.11.14` or later.
CVE-2026-28732 Authorization Flaw in github.com/mattermost/mattermost/server/v8 (CVE-2026-28732)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-28732). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260306123948-f5fe8ded6b63` or later.
CVE-2026-6346 Information Disclosure in github.com/mattermost/mattermost/server/v8 (CVE-2026-6346)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6346). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.0-20260326202606-fac92f4a71f3` or later.
CVE-2026-6342 Authorization Flaw in mattermost (CVE-2026-6342)
vulnerability in mattermost (CVE-2026-6342). Risk of unauthorized operations or information disclosure.
CVE-2026-3471 Vulnerability in mattermost (CVE-2026-3471)
vulnerability in mattermost (CVE-2026-3471). Risk of unauthorized operations or information disclosure.
CVE-2026-6345 Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6345)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6345). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.0-20260311102650-3057ae7e83e9` or later.
CVE-2026-6341 Authorization Flaw in mattermost (CVE-2026-6341)
vulnerability in mattermost (CVE-2026-6341). Risk of unauthorized operations or information disclosure.
CVE-2026-6333 SSRF (Server-Side Request Forgery) in github.com/mattermost/mattermost/server/v8 (CVE-2026-6333)
SSRF in github.com/mattermost/mattermost/server/v8 (CVE-2026-6333). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Mitigation: upgrade to `8.0.0-20260325160634-e738016c5920` or later.
CVE-2026-3117 Vulnerability in mattermost (CVE-2026-3117)
vulnerability in mattermost (CVE-2026-3117). Risk of unauthorized operations or information disclosure.
CVE-2026-4643 Vulnerability in dos (CVE-2026-4643)
vulnerability in dos (CVE-2026-4643). Risk of unauthorized operations or information disclosure.
CVE-2026-6339 Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6339)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6339). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260327001745-7a339a6438f5` or later.
CVE-2026-6343 Authorization Flaw in github.com/mattermost/mattermost/server/v8 (CVE-2026-6343)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6343). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.11.14` or later.
CVE-2026-5163 Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-5163)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-5163). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.0-20260401090745-f4d1abe7e8f5` or later.
CVE-2026-4273 Authorization Flaw in github.com/mattermost/mattermost/server/v8 (CVE-2026-4273)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-4273). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260313190740-742e0be95074` or later.
CVE-2026-6340 Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6340)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6340). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260325191733-fb11968f8798` or later.
CVE-2026-6334 Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6334)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6334). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260318173148-e9ae890a013b` or later.
CVE-2026-28759 Authorization Flaw in github.com/mattermost/mattermost/server/v8 (CVE-2026-28759)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-28759). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260216150504-8738f8c4b3d4` or later.
CVE-2026-2325 Vulnerability in github.com/mattermost/mattermost-server (CVE-2026-2325)
vulnerability in github.com/mattermost/mattermost-server (CVE-2026-2325). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.4.4` or later.
CVE-2026-3495 Cross-Site Scripting (XSS) in github.com/mattermost/mattermost/server/v8 (CVE-2026-3495)
cross-site scripting in github.com/mattermost/mattermost/server/v8 (CVE-2026-3495). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260310115442-5a1ea95044d` or later.
CVE-2026-3637 Vulnerability in github.com/mattermost/mattermost/server/public (CVE-2026-3637)
vulnerability in github.com/mattermost/mattermost/server/public (CVE-2026-3637). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.3.0` or later.
CVE-2026-4053 Vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4053)
vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4053). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.0.0-20260414103857-b21ef302025e` or later.
CVE-2026-4054 Vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4054)
vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4054). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.4.4` or later.
CVE-2026-3116 Vulnerability in mattermost (CVE-2026-3116)
vulnerability in mattermost (CVE-2026-3116). Risk of unauthorized operations or information disclosure.
CVE-2026-3109 Vulnerability in mattermost (CVE-2026-3109)
vulnerability in mattermost (CVE-2026-3109). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →