CVE-2026-4339
MEDIUMSSRF via unvalidated attachment URLs in Mattermost Agents plugin MCP server
Title source: cnaDescription
Mattermost versions 10.11.x <= 10.11.18, 11.6.x <= 11.6.3, 11.5.x <= 11.5.6 fail to validate attachment URLs against internal or private IP ranges in the Mattermost Agents plugin MCP server which allows an attacker with access to the MCP server in stdio mode to perform server-side request forgery (SSRF) and exfiltrate data from internal network services via supplying internal URLs as file attachments in post creation requests.. Mattermost Advisory ID: MMSA-2026-00635
References (1)
Core 1
Core References
Scores
CVSS v3
6.5
EPSS
0.0010
EPSS Percentile
1.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-918
Status
published
Products (8)
Mattermost/Mattermost
10.11.0 - 10.11.18
Mattermost/Mattermost
10.11.19
Mattermost/Mattermost
11.5.0 - 11.5.6
Mattermost/Mattermost
11.5.7
Mattermost/Mattermost
11.6.0 - 11.6.3
Mattermost/Mattermost
11.6.4
Mattermost/Mattermost
11.7.0
mattermost/mattermost_server
10.11.0 - 10.11.19
Published
Jun 26, 2026
Tracked Since
Jun 26, 2026