CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Mattermost: >> Mattermost Server >> 11.1.3 Security Vulnerabilities

CVE-2026-2461

Mattermost Plugins versions <=11.3 11.0.3 11.2.2 10.10.11.0 fail to implement authorisation checks on comment block modifications, which allows an authorised attacker with editor permission to modify comments created by other board members. Mattermost Advisory ID: MMSA-2025-00559

CVSS Score

4.3

EPSS Score

0.0

Published

2026-03-16

Page 1

Vulnerabilities

Vulnerable Software

Mattermost: >> Mattermost Server >> 11.1.3 Security Vulnerabilities

Products

Pricing

Contact Us