PT-2026-42745

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate file ownership and access control, which allows an authenticated user to access and download files belonging to other users or teams via crafted Boards API requests using valid file IDs...

GHSA-GVG4-JHMR-6J23 Mattermost doesn't check if {{team_id}} was being changed when updating playbooks

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to check if teamid was being changed when updating playbooks, allowing users with only Manage Playbook Configurations permission to change a playbook's team, bypassing manage members restriction via PUT api. Mattermost Advisory ID:...

GHSA-JX93-PF6X-874R Mattermost doesn't escape some variables that could contain malicious content during error page composition

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to escape some variables that could contain malicious content during error page composition which allows an attacker with access to edit some site configuration to execute some malicious code via injecting some JS as part of those...

CVE-2026-6333 SSRF via Host Header Spoofing in Custom Slash Commands

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to validate the Host header when constructing response URLs for custom slash commands which allows an authenticated attacker to redirect slash command responses to an attacker-controlled server via a spoofed Host header.. Mattermost...

CVE-2026-6345

Mattermost advisory CVE-2026-6345 affects Mattermost versions 11.4.x ≤ 11.4.3, 11.5.x ≤ 11.5.1 and 10.11.x ≤ 10.11.13. The issue is described as failing to prevent disclosure of created user passwords during the Slack import process, which could allow a malicious actor to impersonate a user using...

CVE-2026-3495 Unescaped variables during error page composition

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to escape some variables that could contain malicious content during error page composition which allows an attacker with access to edit some site configuration to execute some malicious code via injecting some JS as part of those...

CVE-2026-6334 OAuth authorization code client binding not enforced during token redemption in Mattermost

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request.. Mattermo...

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have security vulnerabilities. These vulnerabilities stem fr...

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have security vulnerabilities. These vulnerabilities stem fr...

Mattermost 代码问题漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series as well as 10.11.13 and earlier 10.11.x series have code vulnerabilities. These vulnerabilities stem from the lack of validation of the...

Mattermost Server 10.11.x < 10.11.13 Improper Validation (MMSA-2026-00603)

The version of Mattermost Server installed on the remote host is affected by a vulnerability as referenced in the MMSA-2026-00603 advisory. - Mattermost versions 10.11.x prior to 10.11.13 fail to validate whether users were correctly owned by the correct Connected Workspace which allows a malicio...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: mariadb10.11: mariadb10.11-10.11.16-2.2.hum1 aarch64, x8664 mariadb10.11-backup-10.11.16-2.2.hum1 aarch64, x8664 mariadb10.11-client-utils-10.11.16-2.2.hum1 noarch...

CVE-2026-27769 Connected Workspaces: Malicious remote server can manipulate arbitrary user's status

Mattermost versions 10.11.x = 10.11.12 fail to validate whether users were correctly owned by the correct Connected Workspace which allows a malicious remote server connected using the Conntexted Workspaces feature to change the displayed status of local users via the Connected Workspaces API...

SUSE CVE-2026-26233

Mattermost versions 11.4.x = 11.4.0, 11.3.x = 11.3.1, 11.2.x = 11.2.3, 10.11.x = 10.11.11 fail to rate limit login requests which allows unauthenticated remote attackers to cause denial of service server crash and restart via HTTP/2 single packet attack with 100+ parallel login requests...

RHEL 8 : mariadb:10.11 (RHSA-2026:6435)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6435 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Deni...

SUSE CVE-2026-2456

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 Mattermost fails to limit the size of responses from integration action endpoints, which allows an authenticated attacker to cause server memory exhaustion and denial of service via a malicious integration server that return...

SUSE CVE-2026-24692

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to properly enforce read permissions in search API endpoints which allows guest users without read permissions to access posts and files in channels via search API requests. Mattermost Advisory ID: MMSA-2025-00554...

SUSE CVE-2026-25783

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to properly validate User-Agent header tokens which allows an authenticated attacker to cause a request panic via a specially crafted User-Agent header. Mattermost Advisory ID: MMSA-2026-00586...

CVE-2026-2458

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to properly validate team membership when searching channels which allows a removed team member to enumerate all public channels within a private team via the channel search API endpoint.. Mattermost Advisory ID:...

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. There is a security vulnerability in Mattermost, which stems from an unvalidated target path for advanced log files. This vulnerability could allow system administrators to read arbitrary host files...