4 matches found
CVE-2026-28735
Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to gain access to private repositories via modifying the scope parameter in the GitHub authorization URL...
CVE-2026-5163 Missing authorization check in AI message rewrite endpoint allows access to private thread content
Mattermost versions 11.5.x = 11.5.1 fail to verify channel membership when processing AI-assisted message rewrites which allows an authenticated attacker to read the content of threads in private channels and direct messages they do not have access to via a crafted request to the post rewrite...
CVE-2026-5163
Mattermost 11.5.x prior to 11.5.2 (up to 11.5.1 affected) fails to verify channel membership when processing AI-assisted message rewrites, allowing an authenticated user to read content from threads in private channels and direct messages they should not access via a crafted request to the post r...
CVE-2026-4286 Playbooks Plugin fails to validate team transfers, allowing unauthorized removal of member access via playbook update
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to check if teamid was being changed when updating playbooks, allowing users with only Manage Playbook Configurations permission to change a playbook's team, bypassing manage members restriction via PUT api. Mattermost Advisory ID:...