Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/05/21 8:22 a.m.45 views

CVE-2026-22880 Mobile SSO authentication flow allows credential theft via malicious server

Mattermost Mobile Apps versions =2.37 11.4 2.0.37 11.0.4 11.1.3 11.3.2 10.11.11.0 fail to properly validate the SSO authentication callback origin which allows an attacker controlling a malicious Mattermost server to steal user credentials for a legitimate Mattermost server via relaying the SSO...

6.1CVSS0.00117EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.4 views

PT-2025-46874

Name of the Vulnerable Software and Affected Versions Mattermost Mobile Apps versions prior to 2.32.0 Description The Mattermost Mobile Apps do not properly validate Single Sign-On SSO redirect tokens to ensure they come from a trusted server. This allows a malicious Mattermost instance or an...

6.1CVSS6.6AI score0.00141EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-32440

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00464EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:15 a.m.6 views

CVE-2024-3872

Mattermost Mobile app versions 2.13.0 and earlier use a regular expression with polynomial complexity to parse certain deeplinks, which allows an unauthenticated remote attacker to freeze or crash the app via a long maliciously crafted link...

6.5CVSS7.1AI score0.00464EPSS
Exploits0
OSV
OSV
added 2024/04/16 9:5 a.m.6 views

CVE-2024-3872

Mattermost Mobile app versions 2.13.0 and earlier use a regular expression with polynomial complexity to parse certain deeplinks, which allows an unauthenticated remote attacker to freeze or crash the app via a long maliciously crafted link...

3.1CVSS7AI score0.00464EPSS
Exploits0References3
Rows per page
Query Builder