Filtered by vendor Mattermost
Subscriptions
Filtered by product Mattermost
Subscriptions
Total
151 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-20086 | 1 Mattermost | 1 Mattermost | 2025-07-12 | 6.5 Medium |
| Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post. | ||||
| CVE-2025-20088 | 1 Mattermost | 1 Mattermost | 2025-07-12 | 6.5 Medium |
| Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post. | ||||
| CVE-2025-22445 | 1 Mattermost | 1 Mattermost | 2025-07-12 | 3.5 Low |
| Mattermost versions 10.x <= 10.2 fail to accurately reflect missing settings, which allows confusion for admins regarding a Calls security-sensitive configuration via incorrect UI reporting. | ||||
| CVE-2025-22449 | 1 Mattermost | 1 Mattermost | 2025-07-12 | 3.8 Low |
| Mattermost versions 9.11.x <= 9.11.5 fail to enforce invite permissions, which allows team admins, with no permission to invite users to their team, to invite users by updating the "allow_open_invite" field via making their team public. | ||||
| CVE-2025-2424 | 1 Mattermost | 1 Mattermost | 2025-07-12 | 3.1 Low |
| Mattermost versions 10.5.x <= 10.5.1, 9.11.x <= 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker who knows the IDs of deleted files to obtain metadata of the files via bookmark creation. | ||||
| CVE-2025-2527 | 1 Mattermost | 1 Mattermost | 2025-07-12 | 4.3 Medium |
| Mattermost versions 10.5.x <= 10.5.2, 9.11.x <= 9.11.11 failed to properly verify a user's permissions when accessing groups, which allows an attacker to view group information via an API request. | ||||
| CVE-2025-2571 | 1 Mattermost | 1 Mattermost | 2025-07-12 | 4.2 Medium |
| Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to clear Google OAuth credentials when converting user accounts to bot accounts, allowing attackers to gain unauthorized access to bot accounts via the Google OAuth signup flow. | ||||
| CVE-2025-31947 | 1 Mattermost | 1 Mattermost | 2025-07-12 | 5.8 Medium |
| Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x <= 10.4.4, 9.11.x <= 9.11.11 fail to lockout LDAP users following repeated login failures, which allows attackers to lock external LDAP accounts through repeated login failures through Mattermost. | ||||
| CVE-2025-4128 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2025-07-08 | 3.1 Low |
| Mattermost versions 10.5.x <= 10.5.4, 9.11.x <= 9.11.13 fail to properly restrict API access to team information, allowing guest users to bypass permissions and view information about public teams they are not members of via a direct API call to /api/v4/teams/{team_id}. | ||||
| CVE-2025-4981 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2025-07-08 | 9.9 Critical |
| Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to sanitize filenames in the archive extractor which allows authenticated users to write files to arbitrary locations on the filesystem via uploading archives with path traversal sequences in filenames, potentially leading to remote code execution. The vulnerability impacts instances where file uploads and document search by content is enabled (FileSettings.EnableFileAttachments = true and FileSettings.ExtractContent = true). These configuration settings are enabled by default. | ||||
| CVE-2025-4573 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2025-07-08 | 4.1 Medium |
| Mattermost versions 10.7.x <= 10.7.1, 10.6.x <= 10.6.3, 10.5.x <= 10.5.4, 9.11.x <= 9.11.13 fail to properly validate LDAP group ID attributes, allowing an authenticated administrator with PermissionSysconsoleWriteUserManagementGroups permission to execute LDAP search filter injection via the PUT /api/v4/ldap/groups/{remote_id}/link API when objectGUID is configured as the Group ID Attribute. | ||||
| CVE-2025-3611 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2025-07-08 | 3.1 Low |
| Mattermost versions 10.7.x <= 10.7.0, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team endpoints, even when explicitly configured with 'No access' to Teams in the System Console. | ||||
| CVE-2025-3227 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2025-07-08 | 4.3 Medium |
| Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly enforce channel member management permissions in playbook runs, allowing authenticated users without the 'Manage Channel Members' permission to add or remove users from public and private channels by manipulating playbook run participants when the run is linked to a channel. | ||||
| CVE-2025-3228 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2025-07-08 | 4.3 Medium |
| Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly retrieve requestorInfo from playbooks handler for guest users which allows an attacker access to the playbook run. | ||||
| CVE-2025-46702 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2025-07-08 | 5.4 Medium |
| Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly enforce channel member management permissions when adding participants to playbook runs. This allows authenticated users with member-level permissions to bypass system admin restrictions and add or remove users to/from private channels via the playbook run participants feature, even when the 'Manage Members' permission has been explicitly removed. This can lead to unauthorized access to sensitive channel content and allow guest users to gain channel management privileges. | ||||
| CVE-2025-47871 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2025-07-08 | 4.3 Medium |
| Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly validate channel membership when retrieving playbook run metadata, allowing authenticated users who are playbook members but not channel members to access sensitive information about linked private channels including channel name, display name, and participant count through the run metadata API endpoint. | ||||
| CVE-2025-3230 | 1 Mattermost | 1 Mattermost | 2025-06-24 | 5.4 Medium |
| Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fails to properly invalidate personal access tokens upon user deactivation, allowing deactivated users to maintain full system access by exploiting access token validation flaws via continued usage of previously issued tokens. | ||||
| CVE-2025-3446 | 1 Mattermost | 1 Mattermost | 2025-06-24 | 4.3 Medium |
| Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x <= 10.4.4, 9.11.x <= 9.11.11 fail to check the correct permissions which allows authenticated users who only have permission to invite non-guest users to a team to add guest users to that team via the API to add a single user to a team. | ||||
| CVE-2025-1792 | 1 Mattermost | 1 Mattermost | 2025-06-23 | 3.1 Low |
| Mattermost versions 10.7.x <= 10.7.0, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to properly enforce access controls for guest users accessing channel member information, allowing authenticated guest users to view metadata about members of public channels via the channel members API endpoint. | ||||
| CVE-2025-20051 | 1 Mattermost | 1 Mattermost | 2025-06-17 | 9.9 Critical |
| Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate input when patching and duplicating a board, which allows a user to read any arbitrary file on the system via duplicating a specially crafted block in Boards. | ||||