CVE-2025-49222

Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2, 10.10.x = 10.10.0 fail to validate upload types in remote cluster upload sessions which allows a system admin to upload non-attachment file types via shared channels that could potentially be placed in...

The vulnerability of the IT service management web component Ivanti Neurons for ITSM allows a attacker to write files to arbitrary directories on the ITSM server.

The vulnerability of the IT service management web component Ivanti Neurons for ITSM is related to the unlimited uploading of dangerous files. Exploiting this vulnerability allows a malicious actor to write files to any directory on the ITSM server...