Known Vulnerabilities for Mattermost by Vendor
Listed below are 10 of the newest known vulnerabilities associated with "Mattermost" by "Vendor".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-53837 json | OpenClaw before 2026.5.6 contains an improper access control vulnerability in Mattermost event handlers that fails to validat... | Not Provided | 2026-06-12 | 2026-06-15 |
| CVE-2026-46548 json | NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the request-filtering-agent SSRF protection wa... | Not Provided | 2026-06-23 | 2026-06-24 |
| CVE-2026-45003 json | OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and... | Not Provided | 2026-05-11 | 2026-05-11 |
| CVE-2026-28759 json | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to validate that a remote cluster has access... | Not Provided | 2026-05-18 | 2026-05-18 |
| CVE-2026-28732 json | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 Fail to enforce slash command trigger-word unique... | Not Provided | 2026-05-18 | 2026-05-18 |
| CVE-2026-22880 json | Mattermost Mobile Apps versions <=2.37 11.4 2.0.37 11.0.4 11.1.3 11.3.2 10.11.11.0 fail to properly validate the SSO authenti... | Not Provided | 2026-05-21 | 2026-05-21 |
| CVE-2026-13426 json | The Mattermost Go module github.com/mattermost/mattermost/server/public versions < v0.1.22 fail to validate path parameters w... | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-10106 json | Mattermost versions 11.7.x <= 11.7.2, 11.6.x <= 11.6.4, 10.11.x <= 10.11.19 fail to verify that the channel referenced in an ... | Not Provided | 2026-07-13 | 2026-07-13 |
| CVE-2026-10103 json | Mattermost versions 11.7.x <= 11.7.2, 11.6.x <= 11.6.4, 10.11.x <= 10.11.19 fail to verify post ownership in the shared chann... | Not Provided | 2026-07-13 | 2026-07-14 |
| CVE-2026-10085 json | Mattermost versions 11.7.x <= 11.7.2, 11.6.x <= 11.6.4, 10.11.x <= 10.11.19 fail to restrict the group_constrained channel fl... | Not Provided | 2026-07-13 | 2026-07-13 |