Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-3472 |
|
Vulnerability in mattermost (CVE-2026-3472)
vulnerability in mattermost (CVE-2026-3472). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4339 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-4339)
SSRF in ssrf (CVE-2026-4339). Confidential information can be exposed externally.
|
| CVE-2026-8823 |
|
Authorization Flaw in mattermost (CVE-2026-8823)
vulnerability in mattermost (CVE-2026-8823). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9162 |
|
Vulnerability in mattermost (CVE-2026-9162)
vulnerability in mattermost (CVE-2026-9162). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8074 |
|
Authorization Flaw in mattermost (CVE-2026-8074)
vulnerability in mattermost (CVE-2026-8074). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /api/v4/users/{id}/active`.
|
| CVE-2026-6673 |
|
Vulnerability in mattermost (CVE-2026-6673)
vulnerability in mattermost (CVE-2026-6673). Data can be tampered with by attackers.
|
| CVE-2026-6062 |
|
Vulnerability in mattermost (CVE-2026-6062)
vulnerability in mattermost (CVE-2026-6062). Confidential information can be exposed externally.
|
| CVE-2026-5139 |
|
Vulnerability in mattermost (CVE-2026-5139)
vulnerability in mattermost (CVE-2026-5139). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6739 |
|
Authorization Flaw in mattermost (CVE-2026-6739)
vulnerability in mattermost (CVE-2026-6739). Confidential information can be exposed externally.
|
| CVE-2026-6689 |
|
Vulnerability in mattermost (CVE-2026-6689)
vulnerability in mattermost (CVE-2026-6689). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v4/teams`.
|
| CVE-2026-6046 |
|
Information Disclosure in mattermost (CVE-2026-6046)
vulnerability in mattermost (CVE-2026-6046). Confidential information can be exposed externally.
|
| CVE-2026-7184 |
|
Vulnerability in mattermost (CVE-2026-7184)
vulnerability in mattermost (CVE-2026-7184). Confidential information can be exposed externally.
|
| CVE-2026-6961 |
|
Path Traversal in path-traversal (CVE-2026-6961)
path traversal in path-traversal (CVE-2026-6961). Data can be tampered with by attackers.
|
| CVE-2026-7387 |
|
Authorization Flaw in mattermost (CVE-2026-7387)
vulnerability in mattermost (CVE-2026-7387). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3433 |
|
Information Disclosure in mattermost (CVE-2026-3433)
vulnerability in mattermost (CVE-2026-3433). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4915 |
|
Vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4915)
vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4915). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.11.15` or later.
|
| CVE-2026-4858 |
|
Path Traversal in github.com/mattermost/mattermost-server (CVE-2026-4858)
path traversal in github.com/mattermost/mattermost-server (CVE-2026-4858). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `10.11.15` or later.
|
| CVE-2026-4055 |
|
Authorization Flaw in github.com/mattermost/mattermost/server/v8 (CVE-2026-4055)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-4055). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260320113102-f2b3d1c6a945` or later.
|
| CVE-2026-6347 |
|
Information Disclosure in github.com/mattermost/mattermost-server (CVE-2026-6347)
vulnerability in github.com/mattermost/mattermost-server (CVE-2026-6347). Confidential information can be exposed externally. Mitigation: upgrade to `11.4.4` or later.
|
| CVE-2026-5163 |
|
Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-5163)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-5163). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.0-20260401090745-f4d1abe7e8f5` or later.
|
| CVE-2026-4286 |
|
Authorization Flaw in github.com/mattermost/mattermost/server/v8 (CVE-2026-4286)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-4286). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.11.14` or later.
|
| CVE-2026-28732 |
|
Authorization Flaw in github.com/mattermost/mattermost/server/v8 (CVE-2026-28732)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-28732). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260306123948-f5fe8ded6b63` or later.
|
| CVE-2026-6346 |
|
Information Disclosure in github.com/mattermost/mattermost/server/v8 (CVE-2026-6346)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6346). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.0-20260326202606-fac92f4a71f3` or later.
|
| CVE-2026-6342 |
|
Authorization Flaw in mattermost (CVE-2026-6342)
vulnerability in mattermost (CVE-2026-6342). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6345 |
|
Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6345)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6345). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.0-20260311102650-3057ae7e83e9` or later.
|
| CVE-2026-6341 |
|
Authorization Flaw in mattermost (CVE-2026-6341)
vulnerability in mattermost (CVE-2026-6341). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6333 |
|
SSRF (Server-Side Request Forgery) in github.com/mattermost/mattermost/server/v8 (CVE-2026-6333)
SSRF in github.com/mattermost/mattermost/server/v8 (CVE-2026-6333). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Mitigation: upgrade to `8.0.0-20260325160634-e738016c5920` or later.
|
| CVE-2026-3117 |
|
Vulnerability in mattermost (CVE-2026-3117)
vulnerability in mattermost (CVE-2026-3117). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6339 |
|
Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6339)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6339). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260327001745-7a339a6438f5` or later.
|
| CVE-2026-6343 |
|
Authorization Flaw in github.com/mattermost/mattermost/server/v8 (CVE-2026-6343)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6343). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.11.14` or later.
|
| CVE-2026-3495 |
|
Cross-Site Scripting (XSS) in github.com/mattermost/mattermost/server/v8 (CVE-2026-3495)
cross-site scripting in github.com/mattermost/mattermost/server/v8 (CVE-2026-3495). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260310115442-5a1ea95044d` or later.
|
| CVE-2026-3637 |
|
Vulnerability in github.com/mattermost/mattermost/server/public (CVE-2026-3637)
vulnerability in github.com/mattermost/mattermost/server/public (CVE-2026-3637). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.3.0` or later.
|
| CVE-2026-4273 |
|
Authorization Flaw in github.com/mattermost/mattermost/server/v8 (CVE-2026-4273)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-4273). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260313190740-742e0be95074` or later.
|
| CVE-2026-6340 |
|
Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6340)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6340). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260325191733-fb11968f8798` or later.
|
| CVE-2026-6334 |
|
Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6334)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6334). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260318173148-e9ae890a013b` or later.
|
| CVE-2026-28759 |
|
Authorization Flaw in github.com/mattermost/mattermost/server/v8 (CVE-2026-28759)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-28759). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260216150504-8738f8c4b3d4` or later.
|
| CVE-2026-2325 |
|
Vulnerability in github.com/mattermost/mattermost-server (CVE-2026-2325)
vulnerability in github.com/mattermost/mattermost-server (CVE-2026-2325). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.4.4` or later.
|
| CVE-2026-4054 |
|
Vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4054)
vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4054). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.4.4` or later.
|
| CVE-2026-4053 |
|
Vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4053)
vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4053). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.0.0-20260414103857-b21ef302025e` or later.
|
| CVE-2026-3116 |
|
Vulnerability in mattermost (CVE-2026-3116)
vulnerability in mattermost (CVE-2026-3116). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3109 |
|
Vulnerability in mattermost (CVE-2026-3109)
vulnerability in mattermost (CVE-2026-3109). Risk of unauthorized operations or information disclosure.
|