Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.4 views

Mattermost Server 10.11.x < 10.11.16 / 11.5.x < 11.5.5 / 11.6.x < 11.6.2 Multiple Vulnerabilities (MMSA-2026-00616 / MMSA-2026-00649 / MMSA-2026-00655 / MMSA-2026-00656 / MMSA-2026-00661 / MMSA-2026-00662 / MMSA-2026-00665)

The version of Mattermost Server installed on the remote host is affected by multiple vulnerabilities: - Mattermost fails to require role-management authorization when setting the schemeadmin flag on group syncable link and patch endpoints, which allows a user with group-link permissions to...

8.8CVSS6.1AI score0.00298EPSS
Exploits0References8
NVD
NVD
added 2026/06/12 5:16 p.m.15 views

CVE-2026-6961

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 Mattermost fails to sanitize FileInfo.Name received from federated peers during shared channel file sync, which allows an attacker who controls a federated server to write files to arbitrary locations...

7.6CVSS0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:56 p.m.13 views

EUVD-2026-36504

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 Mattermost fails to sanitize FileInfo.Name received from federated peers during shared channel file sync, which allows an attacker who controls a federated server to write files to arbitrary locations...

7.6CVSS5.4AI score0.00294EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.18 views

PT-2026-48939

Name of the Vulnerable Software and Affected Versions Mattermost versions 11.6.0 through 11.6.1 Mattermost versions 11.5.0 through 11.5.4 Mattermost versions 10.11.0 through 10.11.16 Description Insufficient sanitization of the FileInfo.Name variable received from federated peers during shared...

7.6CVSS6AI score0.00294EPSS
Exploits0References4
Rows per page
Query Builder