Medium severity6.5NVD Advisory· Published May 22, 2026· Updated May 22, 2026
CVE-2026-4635
CVE-2026-4635
Description
Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to archive the channel before removing persistent notifications which allows authenticated user to crash the server via timing the creation of persistent notification message between the server deleting existing persistent notifications and archiving the channel.. Mattermost Advisory ID: MMSA-2026-00637
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*range: >=10.11.0,<10.11.15
- (no CPE)range: <=11.6.0, <=11.5.3, <=11.4.4, <=10.11.14
Patches
Vulnerability mechanics
References
1- mattermost.com/security-updatesnvdVendor Advisory
News mentions
0No linked articles in our index yet.