CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-25068 – Bypassing MFA Enforcement on Plugin Endpoints
https://notcve.org/view.php?id=CVE-2025-25068
21 Mar 2025 — Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8, 10.5.x <= 10.5.0 fail to enforce MFA on plugin endpoints, which allows authenticated attackers to bypass MFA protections via API requests to plugin-specific routes. • https://mattermost.com/security-updates • CWE-306: Missing Authentication for Critical Function •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24920 – Unauthorized Bookmark Creation and Modification in Archived Channels
https://notcve.org/view.php?id=CVE-2025-24920
21 Mar 2025 — Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8, 10.5.x <= 10.5.0 fail to restrict bookmark creation and updates in archived channels, which allows authenticated users created or update bookmarked in archived channels Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8, 10.5.x <= 10.5.0 fail to restrict bookmark creation and updates in archived channels, which allows authenticated users created or update bookmarked in archived channels • https://mattermost.com/security-updates • CWE-863: Incorrect Authorization •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2025-30179 – MFA Enforcement Bypass in Search APIs
https://notcve.org/view.php?id=CVE-2025-30179
21 Mar 2025 — Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8 fail to enforce MFA on certain search APIs, which allows authenticated attackers to bypass MFA protections via user search, channel search, or team search queries. • https://mattermost.com/security-updates • CWE-863: Incorrect Authorization •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2025-25274 – Unauthorized Command Execution in Archived Channels
https://notcve.org/view.php?id=CVE-2025-25274
21 Mar 2025 — Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8 fail to restrict command execution in archived channels, which allows authenticated users to run commands in archived channels. Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8 fail to restrict command execution in archived channels, which allows authenticated users to run commands in archived channels. • https://mattermost.com/security-updates • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-27933 – Unauthorized Private-to-Public Channel Conversion
https://notcve.org/view.php?id=CVE-2025-27933
21 Mar 2025 — Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8 fail to fail to enforce channel conversion restrictions, which allows members with permission to convert public channels to private ones to also convert private ones to public • https://mattermost.com/security-updates • CWE-863: Incorrect Authorization •
CVSS: 9.9EPSS: 0%CPEs: 4EXPL: 0CVE-2025-20051 – Arbitrary file read via block duplication in Mattermost Boards
https://notcve.org/view.php?id=CVE-2025-20051
24 Feb 2025 — Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate input when patching and duplicating a board, which allows a user to read any arbitrary file on the system via duplicating a specially crafted block in Boards. • https://mattermost.com/security-updates • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24490 – SQL Injection in Mattermost Boards via board category ID reordering
https://notcve.org/view.php?id=CVE-2025-24490
24 Feb 2025 — Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to use prepared statements in the SQL query of boards reordering which allows an attacker to retrieve data from the database, via a SQL injection when reordering specially crafted boards categories. Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to use prepared statements in the SQL query of boards reordering which allows an attacker to retrieve data from the datab... • https://mattermost.com/security-updates • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.9EPSS: 3%CPEs: 4EXPL: 1CVE-2025-25279 – Arbitrary file read in Mattermost Boards via import & export board archive
https://notcve.org/view.php?id=CVE-2025-25279
24 Feb 2025 — Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate board blocks when importing boards which allows an attacker could read any arbitrary file on the system via importing and exporting a specially crafted import archive in Boards. • https://github.com/numanturle/CVE-2025-25279 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 3.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1412 – Session Persistence After User-to-Bot Conversion
https://notcve.org/view.php?id=CVE-2025-1412
24 Feb 2025 — Mattermost versions 9.11.x <= 9.11.6, 10.4.x <= 10.4.1 fail to invalidate all active sessions when converting a user to a bot, with allows the converted user to escalate their privileges depending on the permissions granted to the bot. • https://mattermost.com/security-updates • CWE-384: Session Fixation •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24526 – Channel export permitted on archived channel when viewing archived channels is disabled
https://notcve.org/view.php?id=CVE-2025-24526
24 Feb 2025 — Mattermost versions 10.1.x <= 10.1.3, 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to restrict channel export of archived channels when the "Allow users to view archived channels" is disabled which allows a user to export channel contents when they shouldn't have access to it Mattermost versions 10.1.x <= 10.1.3, 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to restrict channel export of archived channels when the "Allow users to view archived cha... • https://mattermost.com/security-updates • CWE-863: Incorrect Authorization •