Vulnerabilities
Vulnerable Software
Mattermost Mobile Apps versions <=2.32.0 fail to verify that SSO redirect tokens originate from the trusted server, which allows a malicious Mattermost instance or on-path attacker to obtain user session credentials via crafted token-in-URL responses.
CVSS Score: 6.1
EPSS Score: 0.0
Published: 2025-11-13

Mattermost Mobile Apps versions <=2.25.0 fail to terminate sessions during logout under certain conditions (e.g. poor connectivity), allowing unauthorized users on shared devices to access sensitive notification content via continued mobile notifications.
CVSS Score: 2.0
EPSS Score: 0.002
Published: 2025-04-14

