How serious is CVE-2025-13821?

This vulnerability has a CVSS score of 5.7 out of 10, classified as MEDIUM severity. Proof-of-concept exploit code is publicly available, making this an active threat.

Is there exploit code available for CVE-2025-13821?

Yes, proof-of-concept exploit code for CVE-2025-13821 is publicly available on GitHub and security research platforms. This increases the risk of active exploitation.

Which products are affected by CVE-2025-13821?

CVE-2025-13821 affects mattermost mattermost server. Check the full CVE details for specific version information.

How do I fix CVE-2025-13821?

To remediate CVE-2025-13821, check for security patches from mattermost. Apply all available updates and security patches. If no patch is available, implement recommended workarounds or security controls to mitigate the risk.

CVE-2025-13821

Medium

|5.7

Exploit Available

Plain English Summary

AI-powered analysis for quick understanding

This vulnerability allows an attacker to steal sensitive information, like password hashes and multi-factor authentication secrets, from other users by manipulating their profile nickname or during email verification events. The attacker must already be logged in as an authenticated user on the affected versions of Mattermost to exploit this weakness.

Technical Description

Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to sanitize sensitive data in WebSocket messages which allows authenticated users to exfiltrate password hashes and MFA secrets via profile nickname updates or email verification events. Mattermost Advisory ID: MMSA-2025-00560

CVSS Vector Analysis

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredLow

User InteractionRequired

Confidentiality ImpactHigh

Integrity ImpactNone

Availability ImpactNone

ScopeUnchanged

Vector String

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Exploit Resources

Search for proof-of-concept code and exploit modules

GitHub Search Exploit-DB Nuclei Templates Metasploit Vulners

Official References

NIST NVD

Est. Bounty

$793($500-$1K)

Vendor Response

Grade APatched in 2 days

Quick Information

Published

Feb 16, 2026

about 2 months ago

Last Modified

Feb 18, 2026

about 2 months ago

Vendor

mattermost

Product

mattermost server

Related Vulnerabilities

CVE-2026-1628Medium

This vulnerability allows an attacker to trick users into opening malicious links within the Mattermost desktop app, potentially exposing sensitive information or enabling harmful actions on untrusted servers. It affects versions up to 5.13.3 and requires the user to click on an external link while using the app.

CVE-2025-14573Low

This vulnerability allows team administrators to improperly add users to their team through API requests, even if they don't have the necessary permissions. It affects specific versions of Mattermost and requires the attacker to have administrative access to the team settings.

CVE-2025-14350Medium

This vulnerability allows an attacker who is already logged into Mattermost to find out the names and URLs of teams they shouldn't have access to by posting links in channels and checking the system's responses. It affects specific versions of Mattermost and highlights a failure to properly check if a user is part of a team before revealing its information.

CVE-2026-0999Medium

This vulnerability allows an attacker who is already logged in to bypass single sign-on (SSO) requirements and use a userID-based login instead. It affects specific versions of Mattermost, meaning only users on those versions are at risk.

CVE-2026-0998Medium

This vulnerability allows an attacker to start Zoom meetings as any user and change posts in Mattermost by tricking the system into thinking they are someone else. It affects specific versions of Mattermost and requires the attacker to have access to the API, meaning they need to be able to send requests to the server.