mattermost
607 tracked vulnerabilities.
CVE-2025-1412
LOW
Mattermost <9.11.7, <10.4.2 - Privilege Escalation
Feb 24, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-0503
LOW
Mattermost <9.11.7 - Info Disclosure
Feb 14, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-20630
MEDIUM
Mattermost Mobile <=2.22.0 - Code Injection
Jan 16, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-20621
MEDIUM
Mattermost <10.2.0-10.2.0, <9.11.5-9.11.5, <10.0.3-10.0.3, <10.1.3-...
Jan 16, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-20072
MEDIUM
Mattermost Mobile <=2.22.0 - Code Injection
Jan 16, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-0476
MEDIUM
Mattermost Mobile Apps <=2.22.0 - DoS
Jan 16, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-21083
MEDIUM
Mattermost Mobile Apps <=2.22.0 - Code Injection
Jan 15, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-20088
MEDIUM
Mattermost <10.2.0-10.2.0, <9.11.5-9.11.5, <10.0.3-10.0.3, <10.1.3-...
Jan 15, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-20086
MEDIUM
Mattermost <10.2.0-10.1.3 - Code Injection
Jan 15, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-20036
MEDIUM
Mattermost Mobile Apps <=2.22.0 - Code Injection
Jan 15, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-21088
MEDIUM
Mattermost <10.2.0-10.1.3 - Code Injection
Jan 15, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-22449
LOW
Mattermost 9.11.0-9.11.5 - Incorrect Authorization via Team Public Setting
Jan 09, 2025
CVSS 3.8
EPSS 0.00
CVE-2025-22445
LOW
Mattermost 10.x <= 10.2 - Incorrect Security Configuration Reporting in UI
Jan 09, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-20033
MEDIUM
Mattermost 9.11.0-9.11.5, 10.0.0-10.0.3, 10.1.0-10.1.3, 10.2.0 DoS via Custom Post Type Validation Bypass
Jan 09, 2025
CVSS 4.3
EPSS 0.01
CVE-2024-11358
MEDIUM
Mattermost Android Mobile Apps <=2.21.0 - Info Disclosure
Dec 16, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-54682
MEDIUM
Mattermost 9.5.0-9.5.12 10.1.0-10.1.2 - Denial of Service via Slack Import Zip Bomb
Dec 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-54083
MEDIUM
Mattermost 9.5.0-9.5.12 10.0.0-10.0.2 10.1.0-10.1.2 - Denial of Service via Crafted Post
Dec 16, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-48872
MEDIUM
Mattermost 9.5.0-9.5.12 9.11.0-9.11.4 10.0.0-10.0.2 10.1.0-10.1.2 - Race Condition in Failed Login Attempts Check
Dec 16, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-12247
MEDIUM
Mattermost 9.7.0-9.7.5 9.8.0-9.8.2 9.9.0-9.9.2 - Incorrect Authorization via Permission Scheme Update Propagation
Dec 05, 2024
CVSS 4.6
EPSS 0.00
CVE-2024-11599
HIGH
Mattermost <10.0.1-9.5.11 - Info Disclosure
Nov 28, 2024
CVSS 8.2
EPSS 0.00
CVE-2024-52032
MEDIUM
Mattermost <10.0.0-9.11.2 - Info Disclosure
Nov 09, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-42000
LOW
Mattermost 9.5.0-9.5.9, 9.10.0-9.10.2, 9.11.0-9.11.1, 10.0.0 - Incorrect Authorization via /api/v4/channels
Nov 09, 2024
CVSS 2.7
EPSS 0.00
CVE-2024-36250
LOW
Mattermost <9.11.3-9.5.11 - Info Disclosure
Nov 09, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-47401
MEDIUM
Mattermost <9.10.2, 9.11.1, 9.5.9 - Info Disclosure
Oct 29, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-46872
MEDIUM
Mattermost 9.5.0-9.5.9, 9.10.0-9.10.2, 9.11.0-9.11.1 - Cross-Site Request Forgery via Playbooks Redirection
Oct 29, 2024
CVSS 4.6
EPSS 0.00
Products
mattermost_server 451
mattermost 250
mattermost-server 212
Mattermost 104
mattermost_desktop 28
mattermost_mobile 20
confluence 14
mattermost-plugin-confluence 14
mattermost-plugin-playbooks 6
mattermost-plugin-github 4
mattermost-plugin-msteams 4
mattermost-plugin-calls 3
mattermost-plugin-jira 3
Focalboard 2
focalboard 2
mattermost-plugin-boards 2
mattermost-plugin-zoom 2
mattermost_boards 2
ms_teams 2
playbooks 2
zoom 2
Mattermost Google Drive Plugin 1
channel_export 1
github.com/mattermost/mattermost/server/public 1
legal_hold 1
mattermost-plugin-channel-export 1
mattermost-plugin-msteams-meetings 1
mattermost_channel_export 1
mattermost_packages 1
mattermost_plugins 1
Quick Filters