Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.4 views

Mattermost Server 10.11.x < 10.11.16 / 11.5.x < 11.5.5 / 11.6.x < 11.6.2 Multiple Vulnerabilities (MMSA-2026-00616 / MMSA-2026-00649 / MMSA-2026-00655 / MMSA-2026-00656 / MMSA-2026-00661 / MMSA-2026-00662 / MMSA-2026-00665)

The version of Mattermost Server installed on the remote host is affected by multiple vulnerabilities: - Mattermost fails to require role-management authorization when setting the schemeadmin flag on group syncable link and patch endpoints, which allows a user with group-link permissions to...

8.8CVSS6.1AI score0.00298EPSS
Exploits0References8
NVD
NVD
added 2026/06/12 5:16 p.m.32 views

CVE-2026-6739

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 fail to require system-level permission when patching protected default system roles, which allows authenticated users with delegated user-management permissions to escalate privileges by altering built-i...

7.2CVSS0.00257EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 3:49 p.m.17 views

CVE-2026-6739

Mattermost vulnerability CVE-2026-6739 affects multiple releases: 11.6.x &lt;= 11.6.1, 11.5.x &lt;= 11.5.4, 10.11.x &lt;= 10.11.15, and 10.11.x

7.2CVSS5.3AI score0.00257EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/12 3:49 p.m.10 views

CVE-2026-6739 Mattermost: Delegated admins could patch protected default system roles

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 fail to require system-level permission when patching protected default system roles, which allows authenticated users with delegated user-management permissions to escalate privileges by altering built-i...

6.7CVSS5.2AI score0.00257EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:49 p.m.10 views

EUVD-2026-36499

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 fail to require system-level permission when patching protected default system roles, which allows authenticated users with delegated user-management permissions to escalate privileges by altering built-i...

6.7CVSS5.2AI score0.00257EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 3:49 p.m.29 views

CVE-2026-6739 Mattermost: Delegated admins could patch protected default system roles

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 fail to require system-level permission when patching protected default system roles, which allows authenticated users with delegated user-management permissions to escalate privileges by altering built-i...

6.7CVSS0.00257EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.29 views

PT-2026-48938

Name of the Vulnerable Software and Affected Versions Mattermost versions prior to 11.6.2 Mattermost versions prior to 11.5.5 Mattermost versions prior to 10.11.17 Description Authenticated users with delegated user-management permissions can escalate privileges by altering built-in role...

7.2CVSS5.9AI score0.00257EPSS
Exploits0References4
Rows per page
Query Builder