CVE-2025-9078

🗓️ 15 Sep 2025 10:10:06Reported by MattermostType

CVE-2025-9078: Weak cache keys allow authenticated users to access posts and poison link previews.

Reporter	Title	Published	Views	Family All 48
Circl	CVE-2025-9078	15 Sep 202513:52	–	circl
CNNVD	Mattermost 安全漏洞	15 Sep 202500:00	–	cnnvd
Cvelist	CVE-2025-9078 Weak cache keys lead to post IDOR and link preview poisoning	15 Sep 202510:10	–	cvelist
EUVD	EUVD-2025-29164	3 Oct 202520:07	–	euvd
Github Security Blog	Mattermost makes Use of Weak Hash	15 Sep 202512:31	–	github
NVD	CVE-2025-9078	15 Sep 202510:15	–	nvd
OSV	GHSA-9P92-X77W-9FW2 Mattermost makes Use of Weak Hash	15 Sep 202512:31	–	osv
OSV	GO-2025-3959 Mattermost makes Use of Weak Hash in github.com/mattermost/mattermost-server	17 Sep 202517:03	–	osv
OSV	OPENSUSE-SU-2025:15564-1 govulncheck-vulndb-0.0.20250917T170349-1.1 on GA media	18 Sep 202500:00	–	osv
OSV	SUSE-SU-2025:03289-1 Security update for govulncheck-vulndb	22 Sep 202510:16	–	osv

NVD

Node

mattermost mattermost_serverRange9.11.0–9.11.18

mattermost mattermost_serverRange10.5.0–10.5.9

mattermost mattermost_serverRange10.8.0–10.8.4

mattermost mattermost_serverRange10.9.0–10.9.4

mattermost mattermost_serverRange10.10.0–10.10.2

[
  {
    "defaultStatus": "unaffected",
    "product": "Mattermost",
    "vendor": "Mattermost",
    "versions": [
      {
        "lessThanOrEqual": "10.8.3",
        "status": "affected",
        "version": "10.8.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "10.5.8",
        "status": "affected",
        "version": "10.5.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "9.11.17",
        "status": "affected",
        "version": "9.11.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "10.10.1",
        "status": "affected",
        "version": "10.10.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "10.9.3",
        "status": "affected",
        "version": "10.9.0",
        "versionType": "semver"
      },
      {
        "version": "10.11.0",
        "status": "unaffected"
      },
      {
        "version": "10.8.4",
        "status": "unaffected"
      },
      {
        "version": "10.5.9",
        "status": "unaffected"
      },
      {
        "version": "9.11.18",
        "status": "unaffected"
      },
      {
        "version": "10.10.2",
        "status": "unaffected"
      },
      {
        "version": "10.9.4",
        "status": "unaffected"
      }
    ]
  }
]

Source	Link
mattermost	www.mattermost.com/security-updates

16 Sep 2025 15:58Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.14.3

EPSS0.00035

SSVC

CWE-328