Lucene search
K

11 matches found

NVD
NVD
added 2026/06/26 3:16 p.m.7 views

CVE-2026-3472

Mattermost versions 10.11.x = 10.11.18, 11.6.x = 11.6.3, 11.5.x = 11.5.6 fail to properly apply markdown image rendering restrictions to AI bot tool result posts, which allows an authenticated attacker to exfiltrate data to an attacker-controlled server via injecting markdown image syntax into to...

3.5CVSS0.00194EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:42 p.m.23 views

CVE-2026-3472

CVE-2026-3472 affects Mattermost where specific versions (10.11.x <= 10.11.18, 11.6.x <= 11.6.3, 11.5.x

3.5CVSS5.8AI score0.00194EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.3 views

CVE-2026-27570

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the onebox method in the SharedAiConversation model renders the conversation title directly into HTML without proper sanitization. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 conta...

6.1CVSS5.7AI score0.00347EPSS
Exploits0References1
Akamai Blog
Akamai Blog
added 2025/10/27 12:0 p.m.6 views

AI Pulse: What Circadian Rhythms Reveal About AI Bot Behavior

...

7AI score
Exploits0
Cvelist
Cvelist
added 2025/04/30 5:14 p.m.42 views

CVE-2025-30392 Azure AI Bot Elevation of Privilege Vulnerability

...

9.8CVSS0.00879EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/30 5:14 p.m.10 views

CVE-2025-30392 Azure AI Bot Elevation of Privilege Vulnerability

...

9.8CVSS5.9AI score0.00879EPSS
Exploits0References1
Veracode
Veracode
added 2025/04/24 8:8 a.m.7 views

Incorrect Authorization

github.com/mattermost/mattermost-server is vulnerable to Incorrect Authorization. The vulnerability is due to insufficient access control mechanisms within the integration between the AI and Wrangler plugins in Mattermost. Specifically, Mattermost fails to properly validate or restrict the use of...

4.3CVSS6.7AI score0.00198EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2025/04/16 7:44 a.m.220 views

CVE-2025-24839

Mattermost CVE-2025-24839 affects Mattermost Server 9.11.x <= 9.11.9, 10.4.x <= 10.4.3, and 10.5.x

4.3CVSS3.8AI score0.00198EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/16 7:44 a.m.17 views

CVE-2025-24839 Unauthorized AI bot activation via Wrangler plugin

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to prevent Wrangler posts from triggering AI responses. This vulnerability allows users without access to the AI bot to activate it by attaching the activateai override property to a post via the Wrangler plugin, provided...

3.1CVSS0.00198EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/16 7:44 a.m.14 views

CVE-2025-24839 Unauthorized AI bot activation via Wrangler plugin

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to prevent Wrangler posts from triggering AI responses. This vulnerability allows users without access to the AI bot to activate it by attaching the activateai override property to a post via the Wrangler plugin, provided...

3.1CVSS4.2AI score0.00198EPSS
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2020/11/18 2:0 p.m.31 views

Telegram Still Hasn’t Removed an AI Bot That’s Abusing Women

A deepfake bot has been generating explicit, non-consensual images on the platform. The researchers who found it say their warnings have been ignored...

2.8AI score
Exploits0
Rows per page
Query Builder