VYPR
Low severityNVD Advisory· Published Mar 17, 2025· Updated Mar 31, 2025

macOS TCC Bypass via Code Injection

CVE-2025-1398

Description

Mattermost Desktop App versions <=5.10.0 explicitly declared unnecessary macOS entitlements which allows an attacker with remote access to bypass Transparency, Consent, and Control (TCC) via code injection.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
mattermost-desktopnpm
< 5.11.05.11.0

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.