Lucene search
+L

120 matches found

NVD
NVD
added 7 hours ago6 views

CVE-2026-8075

Mattermost Desktop App versions =6.2 5.5.13 6.0.2.0 fail to properly null check when checking for headers in the Mattermost Desktop App which allows any user to crash another channel members Desktop App via posting a malicious link with an embedded image that misses one of those headers. Mattermo...

6.5CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 8 hours ago3 views

CVE-2026-8075

Mattermost Desktop App versions =6.2 5.5.13 6.0.2.0 fail to properly null check when checking for headers in the Mattermost Desktop App which allows any user to crash another channel members Desktop App via posting a malicious link with an embedded image that misses one of those headers. Mattermo...

6.5CVSS5.3AI score
Exploits0References2
Cvelist
Cvelist
added 8 hours ago13 views

CVE-2026-8075 Posting a malicious markdown image crashes the Mattermost Desktop App

Mattermost Desktop App versions =6.2 5.5.13 6.0.2.0 fail to properly null check when checking for headers in the Mattermost Desktop App which allows any user to crash another channel members Desktop App via posting a malicious link with an embedded image that misses one of those headers. Mattermo...

6.5CVSS
Exploits0References1
EUVD
EUVD
added 8 hours ago5 views

EUVD-2026-45157

Mattermost Desktop App versions =6.2 5.5.13 6.0.2.0 fail to properly null check when checking for headers in the Mattermost Desktop App which allows any user to crash another channel members Desktop App via posting a malicious link with an embedded image that misses one of those headers. Mattermo...

6.5CVSS5.3AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 9 hours ago3 views

CVE-2026-9602

Mattermost Desktop App versions =6.2 6.0.2 5.6.13.0 fail to validate payloads sent from the Mattermost Web App to the Desktop App which allows a malicious server owner to crash the Mattermost Desktop App via changing the payload of a method to a malformed one. Mattermost Advisory ID: MMSA-2026-00...

6.5CVSS5.3AI score
Exploits0References2
NVD
NVD
added 2026/06/15 4:16 p.m.11 views

CVE-2026-8683

Mattermost Desktop App versions =6.1 5.5.13.0 fail to account for attempting to open extremely long URLs in the Mattermost Desktop App which allows a malicious server owner to crash the application via including a script to call window.open on a very large URL. Mattermost Advisory ID:...

6.5CVSS0.00199EPSS
Exploits0References1
OSV
OSV
added 2026/06/15 2:6 p.m.4 views

CVE-2026-8683 Overly long URLs crash the Mattermost Desktop App

Mattermost Desktop App versions =6.1 5.5.13.0 fail to account for attempting to open extremely long URLs in the Mattermost Desktop App which allows a malicious server owner to crash the application via including a script to call window.open on a very large URL. Mattermost Advisory ID:...

6.5CVSS6AI score0.00199EPSS
Exploits0References3
CVE
CVE
added 2026/06/15 2:6 p.m.20 views

CVE-2026-8683

Mattermost Desktop App

6.5CVSS5.2AI score0.00199EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/15 1:55 p.m.40 views

CVE-2026-6517 Mattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passed

Mattermost Desktop App versions =6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded to in the Mattermost Desktop App which allows any user on a server without the image proxy enabled to intercept other users credentials via embedding an image that...

6.3CVSS0.00187EPSS
Exploits0References1
OSV
OSV
added 2026/06/15 1:55 p.m.4 views

CVE-2026-6517 Mattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passed

Mattermost Desktop App versions =6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded to in the Mattermost Desktop App which allows any user on a server without the image proxy enabled to intercept other users credentials via embedding an image that...

6.3CVSS6AI score0.00187EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.20 views

PT-2026-49243

Name of the Vulnerable Software and Affected Versions Mattermost Desktop App versions prior to 6.1 Mattermost Desktop App version 5.5.13.0 Description The application fails to properly handle attempts to open extremely long URLs. A malicious server owner can cause the application to crash by...

6.5CVSS5.9AI score0.00199EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/18 8:45 a.m.15 views

EUVD-2026-30757

Mattermost Desktop App versions =6.1 6.0.1 5.4.13.0 fail to prevent an invalid URL from loading in a pop-up window in the Mattermost Desktop App which allows a malicious server owner to repeated crash the application via calling window.open'javascript:alert';. Mattermost Advisory ID: MMSA-2026-00...

6.5CVSS5.8AI score0.00184EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/18 8:43 a.m.14 views

EUVD-2026-30758

Mattermost Desktop App versions =6.1 6.0.1 5.4.13.0 fail to prevent server-rendered content from closing an underlying application view in the Mattermost Desktop App which allows a malicious server or plugin to crash the desktop client via invoking window.close in the renderer context, leading to...

3.5CVSS5.8AI score0.00171EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/18 8:43 a.m.10 views

CVE-2026-4643 Calling window.close() from server-side content causes crash in the Mattermost Desktop App

Mattermost Desktop App versions =6.1 6.0.1 5.4.13.0 fail to prevent server-rendered content from closing an underlying application view in the Mattermost Desktop App which allows a malicious server or plugin to crash the desktop client via invoking window.close in the renderer context, leading to...

3.5CVSS5.8AI score0.00171EPSS
Exploits0References1
CVE
CVE
added 2026/05/18 8:43 a.m.21 views

CVE-2026-4643

Mattermost Desktop App versions ≤ 6.1, 6.0.1, and 5.4.13.0 are affected by a flaw where server-rendered content can invoke window.close() in the renderer context, causing the underlying application view to close and yielding a client‑level denial of service. Root cause: the app fails to prevent s...

3.5CVSS5.8AI score0.00171EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/18 8:43 a.m.9 views

CVE-2026-4643

Mattermost Desktop App versions =6.1 6.0.1 5.4.13.0 fail to prevent server-rendered content from closing an underlying application view in the Mattermost Desktop App which allows a malicious server or plugin to crash the desktop client via invoking window.close in the renderer context, leading to...

3.5CVSS5.8AI score0.00171EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.13 views

Mattermost Desktop App 代码问题漏洞

The Mattermost Desktop App is a desktop application for message communication developed by the American company Mattermost. Versions 6.1, 6.0.1, and 5.4.13.0 of the Mattermost Desktop App have code vulnerabilities. These vulnerabilities stem from a failure to prevent servers from rendering conten...

3.5CVSS5.9AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/03 1:37 p.m.7 views

CVE-2026-1628

Mattermost Desktop App versions =5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functionality to untrusted servers via having a user open an external link in their Mattermost server...

4.6CVSS5.9AI score0.00136EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/02 1:24 p.m.9 views

EUVD-2026-9174

Mattermost Desktop App versions =5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functionality to untrusted servers via having a user open an external link in their Mattermost server...

4.6CVSS5.9AI score0.00136EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/17 1:27 p.m.8 views

CVE-2026-1046

Mattermost Desktop App versions =6.0 6.2.0 5.2.13.0 fail to validate help links which allows a malicious Mattermost server to execute arbitrary executables on a user’s system via the user clicking on certain items in the Help menu Mattermost Advisory ID: MMSA-2026-00577...

7.6CVSS5.9AI score0.00235EPSS
Exploits0References1
Rows per page
Query Builder