Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 384 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-1629 Permalink Preview Information Disclosure After Permission Revocation MattermostMattermost Medium 4.3 2026-03-16 20:24:05 Deep Dive
CVE-2026-26230 Team Admin Privilege Escalation to Demote Members to Guest MattermostMattermost Low 3.8 2026-03-16 20:19:51 Deep Dive
CVE-2026-2454 DoS in Calls plugin via malformed msgpack in websocket request. MattermostMattermost Medium 5.8 2026-03-16 20:10:17 Deep Dive
CVE-2026-26304 Permission Bypass in Playbook Run Creation MattermostMattermost Medium 4.3 2026-03-16 19:53:22 Deep Dive
CVE-2026-24692 Guest users can bypass read permissions via search API MattermostMattermost Medium 4.3 2026-03-16 14:56:45 Deep Dive
CVE-2026-22545 Password Change Bypass via Auth Switch Endpoint MattermostMattermost Low 3.1 2026-03-16 14:54:45 Deep Dive
CVE-2026-2455 SSRF bypass via IPv4-mapped IPv6 literals MattermostMattermost Medium 4.3 2026-03-16 14:53:31 Deep Dive
CVE-2026-21386 Private channel enumeration via /mute slash command MattermostMattermost Medium 4.3 2026-03-16 14:51:43 Deep Dive
CVE-2026-25780 Memory Exhaustion via Malformed DOC File Upload MattermostMattermost Medium 4.3 2026-03-16 12:59:14 Deep Dive
CVE-2026-4265 Guest user can upload files without permission across teams MattermostMattermost Medium 4.3 2026-03-16 12:07:15 Deep Dive
CVE-2026-25783 Denial of service via malformed User-Agent header in getBrowserVersion MattermostMattermost Medium 4.3 2026-03-16 12:04:18 Deep Dive
CVE-2026-24458 DoS attack via login attempts with multi-megabyte passwords MattermostMattermost High 7.5 2026-03-16 12:02:23 Deep Dive
CVE-2026-2462 Admin RCE via Malicious Plugin Upload on CI Test Instances MattermostMattermost Medium 6.6 2026-03-16 12:00:21 Deep Dive
CVE-2026-2578 Information Disclosure via WebSocket Event When Deleting Unrevealed Burn on Read Posts MattermostMattermost Medium 4.3 2026-03-16 11:58:10 Deep Dive
CVE-2026-26246 Memory Exhaustion via Malformed PSD File Upload MattermostMattermost Medium 4.3 2026-03-16 11:33:03 Deep Dive
CVE-2026-2458 Unauthorized channel enumeration in private teams after member removal MattermostMattermost Medium 4.3 2026-03-16 11:27:49 Deep Dive
CVE-2026-2457 WebSocket Message Spoofing via Permalink Embed Manipulation MattermostMattermost Medium 4.3 2026-03-16 11:20:25 Deep Dive
CVE-2026-2461 Missing authorization check allows unauthorized modification of other users' comments on a board MattermostMattermost Medium 4.3 2026-03-16 11:16:33 Deep Dive
CVE-2026-2463 Unauthorized access to invite ID during team creation MattermostMattermost Medium 4.3 2026-03-16 11:13:58 Deep Dive
CVE-2026-2476 MS Teams plugin sensitive config values not properly masked in support packets MattermostMattermost High 7.6 2026-03-16 11:11:07 Deep Dive