Lucene search
K

6 matches found

OSV
OSV
added 2026/03/23 6:16 p.m.5 views

GO-2026-4812 Mattermost fails to verify run_create permission for empty playbookId in github.com/mattermost/mattermost-plugin-playbooks

Mattermost fails to verify runcreate permission for empty playbookId in github.com/mattermost/mattermost-plugin-playbooks...

4.3CVSS5.8AI score0.00159EPSS
Exploits0References4
NVD
NVD
added 2026/03/16 8:16 p.m.5 views

CVE-2026-26304

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2 fail to verify runcreate permission for empty playbookId, which allows team members to create unauthorized runs via the playbook run API. Mattermost Advisory ID: MMSA-2025-00542...

4.3CVSS0.00159EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.4 views

PT-2026-25810

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2 fail to verify run create permission for empty playbookId, which allows team members to create unauthorized runs via the playbook run API. Mattermost Advisory ID: MMSA-2025-00542...

4.3CVSS5.8AI score0.00159EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.7 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.3.0 and earlier 11.3.x series, as well as 11.2.2 and earlier versions 11.2.x series, have security vulnerabilities. These vulnerabilities stem from the unauthorized...

4.3CVSS6.4AI score0.00159EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/31 12:0 a.m.5 views

PT-2024-5757 · Unknown · Kraken Stress Testing Toolkit

Name of the Vulnerable Software and Affected Versions: Kraken Stress Testing Toolkit affected versions not specified Description: The issue is related to the lack of protection for the SQL query structure in the Kraken Stress Testing Toolkit, a tool for load testing SIEM systems. This can be...

9CVSS8.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/29 12:0 a.m.4 views

PT-2024-22674 · Unknown · Jumpserver

Name of the Vulnerable Software and Affected Versions: JumpServer versions prior to 3.10.6 Description: An authorized attacker can obtain sensitive information contained within playbook files if they manage to learn the playbook id of another user. This breach of confidentiality can lead to...

5.3CVSS6.6AI score0.00292EPSS
Exploits0References5
Rows per page
Query Builder