Mattermost Server 10.11.x <= 10.11.9 / 11.0.x <= 11.2.x Improper Access Control (MMSA-2025-00549)
The version of Mattermost Server installed on the remote host is affected by a vulnerability as referenced in the MMSA-2025-00549 advisory. - Mattermost versions 10.11.x <= 10.11.9 and 11.0.x <= 11.2.x fail to properly enforce access control checks in the common teams API. This allows the API to...
PT-2026-7984
Name of the Vulnerable Software and Affected Versions: Mattermost versions 10.11.0 through 10.11.9. Description: Mattermost versions 10.11.0 through 10.11.9 do not properly validate channel membership when retrieving data, potentially allowing a deactivated user to learn team names they should not...
Linux Distros Unpatched Vulnerability : CVE-2022-21713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle use...
CVE-2025-53971
Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate authorization for team scheme role modifications which allows Team Admins to demote Team Members to Guests via the PUT /api/v4/teams/team-id/members/user-id/schemeRoles API endpoint...