Mattermost Plugin Apps

CVEs (1)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-6957	Mattermost Mattermost Plugin Apps	Hig	0.52	8.0	—		May 27, 2026	Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federated Mattermost server to write files to arbitrary locations within the target…

CVE-2026-6957HigMay 27, 2026
Mattermost
Mattermost Plugin Apps
risk 0.52cvss 8.0epss —
Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federated Mattermost server to write files to arbitrary locations within the target…