CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1115 matches found

NVD•added 2025/10/16 9:15 a.m.•3 views

CVE-2025-58073

Mattermost versions 10.11.x = 10.11.1, 10.10.x = 10.10.2, 10.5.x = 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacked to join any team on a Mattermost server regardless of restrictions via manipulating the OAuth state...

8.1CVSS0.00049EPSS

Exploits0References1

CVE•added 2025/10/16 8:44 a.m.•14 views

CVE-2025-58073

Mattermost Server (versions 10.11.x up to 10.11.1, 10.10.x up to 10.10.2, 10.5.x up to 10.5.10) is affected by CVE-2025-58073 due to insufficient verification of a user’s permission to join a team when using the original invite token. The underlying issue is the lack of proper authorization check...

8.1CVSS6.5AI score0.00049EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/10/16 8:44 a.m.•6 views

CVE-2025-58073 Arbitrary Mattermost Team can be joined by manipulating the OAuth state

8.1CVSS0.00049EPSS

Exploits0References1

Vulnrichment•added 2025/10/16 8:20 a.m.•1 views

CVE-2025-58075 Arbitrary Mattermost Team can be joined by manipulating the SAML RelayState

8.1CVSS6.5AI score0.00049EPSS

Exploits0References1

CNNVD•added 2025/10/16 12:0 a.m.•1 views

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability in Mattermost versions 10.11.1 and prior to 10.11.x, 10.10.2 and prior to 10.10.x, and 10.5.10 and prior to 10.5.x stems from an unvalidated user's privilege to join a Mattermo...

8.1CVSS6.4AI score0.00049EPSS

Exploits0References1