Medium severity4.9NVD Advisory· Published Mar 26, 2026· Updated Jun 8, 2026
CVE-2026-3116
CVE-2026-3116
Description
Mattermost Plugins versions <=11.4 11.0.4 11.1.3 11.3.2 10.11.11.0 fail to validate incoming request size which allows an authenticated attacker to cause service disruption via the webhook endpoint. Mattermost Advisory ID: MMSA-2026-00589
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*range: >=10.11.0,<10.11.12
- (no CPE)range: 0
- Range: <=11.4, 11.0.4, 11.1.3, 11.3.2, 10.11.11.0
Patches
Vulnerability mechanics
References
1- mattermost.com/security-updatesnvdVendor Advisory
News mentions
0No linked articles in our index yet.