| CVE | Severity | Score | Score | Age | Summary |
|---|---|---|---|---|---|
| CVE-2026-6346 | high | 8.7 | 8.7 | 17d ago | Mattermost doesn't sanitize sensitive configuration fields before including them in support packet generation |
| CVE-2026-6347 | high | 7.6 | 7.6 | 17d ago | Mattermost doesn't sanitize sensitive configuration fields in the Mattermost Calls plugin |
| CVE-2026-6345 | medium | 6.5 | 6.5 | 17d ago | Mattermost doesn't prevent disclosure of created user password |
| CVE-2026-5163 | medium | 6.5 | 6.5 | 17d ago | Mattermost doesn't verify channel membership when processing AI-assisted message rewrites |
| CVE-2026-6340 | medium | 6.5 | 6.5 | 17d ago | Mattermost doesn't validate 7zip archive structure before processing |
| CVE-2026-2325 | medium | 6.5 | 6.5 | 17d ago | Mattermost doesn't limit the size of the request body on the start meeting API endpoint |
| CVE-2026-4054 | medium | 6.5 | 6.5 | 20d ago | Mattermost doesn't validate the response body of proxied images |
| CVE-2026-3590 | medium | — | 5.5 | 2mo ago | Mattermost has session spoofing due to lack of single-use consumption of guest magic link tokens enforcement |
| CVE-2026-6333 | medium | 5.0 | 5.0 | 17d ago | Mattermost doesn't validate the Host header when constructing response URLs for custom slash command |
| CVE-2026-3495 | medium | 4.8 | 4.8 | 17d ago | Mattermost doesn't escape some variables that could contain malicious content during error page composition |
| CVE-2026-6339 | medium | 4.3 | 4.3 | 17d ago | Mattermost doesn't validate the X-Requested-With header on the burn-on-read reveal endpoint |
| CVE-2026-28732 | medium | 4.3 | 4.3 | 17d ago | Mattermost doesn't enforce slash command trigger-word uniqueness during command updates |
| CVE-2026-4273 | medium | 4.3 | 4.3 | 17d ago | Mattermost doesn't validate that the RefreshedToken differs from the original invite token during remote cluster invite confirmation |
| CVE-2026-3637 | medium | 4.3 | 4.3 | 17d ago | Mattermost doesn't check the create_post channel permission during post edit operations |
| CVE-2026-28759 | medium | 4.3 | 4.3 | 17d ago | Mattermost does not verify remote cluster channel access when processing shared channel membership removals |
| CVE-2026-4053 | medium | 4.3 | 4.3 | 20d ago | Mattermost doesn't enforce the PostEditTimeLimit on non-message post fields |