Medium severity4.3NVD Advisory· Published May 18, 2026· Updated May 29, 2026
CVE-2026-6341
CVE-2026-6341
Description
Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID: MMSA-2026-00602
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*Range: >=10.13.0,<=10.13.11
- Range: <=11.5
Patches
Vulnerability mechanics
References
1- mattermost.com/security-updatesnvdVendor Advisory
News mentions
0No linked articles in our index yet.