PT-2026-42745

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate file ownership and access control, which allows an authenticated user to access and download files belonging to other users or teams via crafted Boards API requests using valid file IDs...

CVE-2026-6333 SSRF via Host Header Spoofing in Custom Slash Commands

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to validate the Host header when constructing response URLs for custom slash commands which allows an authenticated attacker to redirect slash command responses to an attacker-controlled server via a spoofed Host header.. Mattermost...

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have security vulnerabilities. These vulnerabilities stem fr...

Mattermost Server 10.11.x < 10.11.13 Improper Validation (MMSA-2026-00603)

The version of Mattermost Server installed on the remote host is affected by a vulnerability as referenced in the MMSA-2026-00603 advisory. - Mattermost versions 10.11.x prior to 10.11.13 fail to validate whether users were correctly owned by the correct Connected Workspace which allows a malicio...

CVE-2026-27769 Connected Workspaces: Malicious remote server can manipulate arbitrary user's status

Mattermost versions 10.11.x = 10.11.12 fail to validate whether users were correctly owned by the correct Connected Workspace which allows a malicious remote server connected using the Conntexted Workspaces feature to change the displayed status of local users via the Connected Workspaces API...

SUSE CVE-2026-26233

Mattermost versions 11.4.x = 11.4.0, 11.3.x = 11.3.1, 11.2.x = 11.2.3, 10.11.x = 10.11.11 fail to rate limit login requests which allows unauthenticated remote attackers to cause denial of service server crash and restart via HTTP/2 single packet attack with 100+ parallel login requests...

SUSE CVE-2026-25783

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to properly validate User-Agent header tokens which allows an authenticated attacker to cause a request panic via a specially crafted User-Agent header. Mattermost Advisory ID: MMSA-2026-00586...

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. There is a security vulnerability in Mattermost, which stems from an unvalidated target path for advanced log files. This vulnerability could allow system administrators to read arbitrary host files...

CVE-2026-25783

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to properly validate User-Agent header tokens which allows an authenticated attacker to cause a request panic via a specially crafted User-Agent header. Mattermost Advisory ID: MMSA-2026-00586...

CVE-2026-24458 DoS attack via login attempts with multi-megabyte passwords

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to properly handle very long passwords, which allows an attacker to overload the server CPU and memory via executing login attempts with multi-megabyte passwords. Mattermost Advisory ID: MMSA-2026-00587...

CVE-2026-26246 Memory Exhaustion via Malformed PSD File Upload

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to bound memory allocation when processing PSD image files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted PSD file. Mattermost Advisory I...

CVE-2026-26246

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to bound memory allocation when processing PSD image files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted PSD file. Mattermost Advisory I...

PT-2026-25757

Mattermost fails to validate user's authentication method when processing account auth type switch in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is...

PT-2026-25809

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to handle incorrectly reported array lengths which allows malicious user to cause OOM errors and crash the server via sending corrupted msgpack frames within websocket messages to calls plugin. Mattermost Advisory ID:...

EUVD-2026-6102

Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to properly validate login method restrictions which allows an authenticated user to bypass SSO-only login requirements via userID-based authentication. Mattermost Advisory ID: MMSA-2025-00548...

CVE-2025-14573

Mattermost versions 10.11.x = 10.11.9 fail to enforce invite permissions when updating team settings, which allows team administrators without proper permissions to bypass restrictions and add users to their team via API requests. Mattermost Advisory ID: MMSA-2025-00561...

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.1.2 and earlier 11.1.x series as well as 10.11.9 and earlier 10.11.x series have security vulnerabilities. These vulnerabilities stem from improper authentication of...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 11.1.0 and prior to 11.1.x, 11.0.5 and prior to 11.0.x, 10.12.3 and prior to 10.12.x, and 10.11.7 and prior to 10.11.x. The vulnerability stems fr...

CVE-2025-62190

Mattermost versions 11.0.x = 11.0.4, 10.12.x = 10.12.2, 10.11.x = 10.11.6 and Mattermost Calls versions =1.10.0 fail to implement CSRF protection on the Calls widget page which allows an authenticated attacker to initiate calls and inject messages into channels or direct messages via a malicious...

CVE-2025-62690

Mattermost versions 10.11.x = 10.11.4 fail to validate redirect URLs on the /error page, which allows an attacker to redirect a victim to a malicious site via a crafted link opened in a new tab...