Mattermost Vulnerabilities
Comprehensive security vulnerability database for Mattermost products
1
0
0
1
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-22892 | 4.3 | An attacker who has access to the Jira plugin in Mattermost can exploit a flaw to read messages and attachments from private channels they shouldn't have access to by using the ID of a specific post. This vulnerability affects certain versions of Mattermost and requires the attacker to be authenticated in the system. | mattermostmattermost server | Theoretical | 8 days agoFeb 13, 2026 |
About Mattermost Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Mattermost products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.