CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

8 matches found

SUSE CVE•added 2025/07/04 2:42 p.m.•3 views

SUSE CVE-2025-3913

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...

3.8CVSS6.9AI score0.00265EPSS

Exploits0References2

Tenable Nessus•added 2025/06/06 12:0 a.m.•14 views

Mattermost Server 9.11.x < 9.11.13 / 10.5.x < 10.5.4 / 10.6.x < 10.6.3 / 10.7.1 Multiple Vulnerabilities (MMSA-2025-00458, MMSA-2025-00463, MMSA-2025-00467)

The version of Mattermost Server installed on the remote host is prior to 9.11.13, 10.5.4, 10.6.3, or 10.7.0. It is, therefore, affected by multiple vulnerabilities as referenced in the MMSA-2025-00458, MMSA-2025-00463, MMSA-2025-00467 advisories. - Mattermost versions 10.7.x = 10.7.0, 10.6.x =...

5.4CVSS5.6AI score0.00265EPSS

Exploits0References4

Veracode•added 2025/06/03 2:34 a.m.•7 views

Improper Access Control

github.com/mattermost/mattermost-server is vulnerable to improper access control. The vulnerability is due to insufficient permission checks when changing team privacy settings, allowing unauthorized team administrators to access and modify team invite IDs via the /api/v4/teams/:teamId/privacy...

5.3CVSS6.6AI score0.00265EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2025/05/31 3:52 p.m.•13 views

CVE-2025-3913

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...

5.3CVSS6.8AI score0.00265EPSS

Exploits0References1

Github Security Blog•added 2025/05/29 6:31 p.m.•14 views

Mattermost improperly allows team administrators to modify team invites

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...

5.3CVSS7AI score0.00265EPSS

Exploits0References4Affected Software1

NVD•added 2025/05/29 4:15 p.m.•10 views

CVE-2025-3913

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...

5.3CVSS0.00265EPSS

Exploits0References1

OSV•added 2025/05/29 4:15 p.m.•6 views

CVE-2025-3913

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...

3.8CVSS6.9AI score

Exploits0References1

Vulnrichment•added 2025/05/29 3:10 p.m.•9 views

CVE-2025-3913 Team Privacy Settings Authorization Bypass in Mattermost Server

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...

5.3CVSS6.9AI score0.00265EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by