VYPR
Medium severity4.9NVD Advisory· Published Mar 26, 2026· Updated Jun 8, 2026

CVE-2026-3116

CVE-2026-3116

Description

Mattermost Plugins versions <=11.4 11.0.4 11.1.3 11.3.2 10.11.11.0 fail to validate incoming request size which allows an authenticated attacker to cause service disruption via the webhook endpoint. Mattermost Advisory ID: MMSA-2026-00589

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*range: >=10.11.0,<10.11.12
    • (no CPE)range: 0
  • Range: <=11.4, 11.0.4, 11.1.3, 11.3.2, 10.11.11.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.

CVE-2026-3116 · Medium · VYPR