VYPR
Low severityOSV Advisory· Published Dec 17, 2025· Updated Dec 17, 2025

Mattermost Desktop App logging sensitive information and fails to clear data on server deletion

CVE-2025-13321

Description

Mattermost Desktop App versions <6.0.0 fail to sanitize sensitive information from Mattermost logs and clear data on server deletion which allows an attacker with access to the users system to gain access to potentially sensitive information via reading the application logs.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
mattermost-desktopnpm
<= 3.6.0

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.