3 matches found
CVE-2026-5163
Mattermost versions 11.5.x = 11.5.1 fail to verify channel membership when processing AI-assisted message rewrites which allows an authenticated attacker to read the content of threads in private channels and direct messages they do not have access to via a crafted request to the post rewrite...
Mattermost doesn't verify channel membership when processing AI-assisted message rewrites
Mattermost versions 11.5.x = 11.5.1 fail to verify channel membership when processing AI-assisted message rewrites which allows an authenticated attacker to read the content of threads in private channels and direct messages they do not have access to via a crafted request to the post rewrite...
PT-2026-41655
Name of the Vulnerable Software and Affected Versions Mattermost versions 11.5.x through 11.5.1 Description An issue exists where channel membership is not verified during the processing of AI-assisted message rewrites. This allows an authenticated attacker to read the content of threads in priva...