10 matches found
EUVD-2025-18757
Malicious code in bioql PyPI...
CVE-2025-3228
Mattermost versions 10.5.x = 10.5.5, 9.11.x = 9.11.15, 10.8.x = 10.8.0, 10.7.x = 10.7.2, 10.6.x = 10.6.5 fail to properly retrieve requestorInfo from playbooks handler for guest users which allows an attacker access to the playbook run...
GHSA-4578-6GJH-F2JM Mattermost allows an unauthorized Guest user access to Playbook
Mattermost versions 10.5.x = 10.5.5, 9.11.x = 9.11.15, 10.8.x = 10.8.0, 10.7.x = 10.7.2, 10.6.x = 10.6.5 fail to properly retrieve requestorInfo from playbooks handler for guest users which allows an attacker access to the playbook run...
Mattermost Improper Access Restriction Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an improper access restriction vulnerability. The vulnerability arises due to improperly set API access rights. An attacker could use this vulnerability to gain unauthorized...
Mattermost has an unspecified vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from improperly invalidated personal access tokens, which can be exploited by an attacker to maintain full system access...
PT-2025-26325 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 10.5.x through 10.5.5 Mattermost versions 9.11.x through 9.11.15 Mattermost versions 10.8.x through 10.8.0 Mattermost versions 10.7.x through 10.7.2 Mattermost versions 10.6.x through 10.6.5 Description: The issue arises...
PT-2025-16246 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.11.x through 9.11.9 Mattermost versions 10.4.x through 10.4.3 Mattermost versions 10.5.x through 10.5.1 Description: The issue arises when a user account is converted to a bot, and the cache is not properly invalidated,...
Mattermost Unauthorized Access Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an unauthorized access vulnerability that stems from failing to properly authorize access to an archive channel when viewing the archive channel is disabled. An attacker could...
PT-2024-2030 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions prior to v8.1.9 Description: The issue is related to inadequate access control in Mattermost, allowing remote attackers to gain unauthorized access to files in archived channels. Specifically, members can access files...
PT-2023-21391 · Unknown · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue allows an attacker with admin privileges to retain persistent access to Mattermost by obtaining an oauth2 access token while the attacker's account is deactivated, due to a...