3 matches found
CVE-2026-8074
Mattermost CVE-2026-8074 affects Mattermost versions 11.7.x (<=11.7.0) and 10.11.x (
CVE-2026-8074
Mattermost versions 11.7.x = 11.7.0, 10.11.x = 10.11.17 fail to enforce bot-specific permission checks on the user active status endpoint, which allows a User Manager with user management write access but no Integrations access to deactivate bot accounts via the PUT /api/v4/users/id/active API...
PT-2026-51320
Name of the Vulnerable Software and Affected Versions Mattermost version 11.7.0 Mattermost versions prior to 10.11.17 Description Insufficient enforcement of bot-specific permission checks on the user active status endpoint allows a User Manager with user management write access, but lacking...