All 2 CVE vulnerabilities found in Focalboard, with AI-generated Chinese analysis, references, and POCs.
Vendor: Mattermost
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-28736 | Focalboard IDOR in file content endpoint allows cross-user file access (unsupported product, no fix) CWE-639 | 4.3 | Medium | 2026-04-03 |
| CVE-2026-25773 | Focalboard Second-Order SQL Injection in category reorder endpoint allows data exfiltration (unsupported product, no fix) CWE-89 | 8.1 | High | 2026-04-03 |
All 2 known CVE vulnerabilities affecting Focalboard with full Chinese analysis, references, and POCs where available.