Mattermost (Desktop, Server und Mobile): Mehrere Schwachstellen
Multiple vulnerabilities have been identified in Mattermost, a web-based instant messaging service, affecting its Desktop, Server, and Mobile versions. The advisory from the Bundesamt für Sicherheit in der Informationstechnik references six CVEs but does not provide detailed technical descriptions or CVSS scores. No affected versions or patch information are specified. There are no known exploits in the wild at this time.
AI Analysis
Technical Summary
This advisory reports multiple security vulnerabilities in Mattermost across its Desktop, Server, and Mobile platforms. Six CVEs are associated with this report (CVE-2026-5139, CVE-2026-6062, CVE-2026-6673, CVE-2026-8074, CVE-2026-9162, CVE-2026-22880). However, no technical details beyond their existence are provided, and no CVSS scores or exploitation details are available. The vendor advisory (WID-SEC-W-2026-1650) does not include patch or remediation information. The vulnerabilities are catalogued by the German Federal Office for Information Security (BSI), but the lack of further data limits detailed analysis.
Potential Impact
The impact of these vulnerabilities cannot be precisely determined from the available information as no specific descriptions or CVSS scores are provided. There are no known exploits in the wild, and no affected versions or affected components are detailed. Without further data, the potential impact remains unclear.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory (WID-SEC-W-2026-1650) from the Bundesamt für Sicherheit in der Informationstechnik for current remediation guidance. No official fix or temporary mitigation has been indicated in the provided data.
Mattermost (Desktop, Server und Mobile): Mehrere Schwachstellen
Description
Multiple vulnerabilities have been identified in Mattermost, a web-based instant messaging service, affecting its Desktop, Server, and Mobile versions. The advisory from the Bundesamt für Sicherheit in der Informationstechnik references six CVEs but does not provide detailed technical descriptions or CVSS scores. No affected versions or patch information are specified. There are no known exploits in the wild at this time.
Affected software
pkg:github/mattermost/mattermost-serverRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory reports multiple security vulnerabilities in Mattermost across its Desktop, Server, and Mobile platforms. Six CVEs are associated with this report (CVE-2026-5139, CVE-2026-6062, CVE-2026-6673, CVE-2026-8074, CVE-2026-9162, CVE-2026-22880). However, no technical details beyond their existence are provided, and no CVSS scores or exploitation details are available. The vendor advisory (WID-SEC-W-2026-1650) does not include patch or remediation information. The vulnerabilities are catalogued by the German Federal Office for Information Security (BSI), but the lack of further data limits detailed analysis.
Potential Impact
The impact of these vulnerabilities cannot be precisely determined from the available information as no specific descriptions or CVSS scores are provided. There are no known exploits in the wild, and no affected versions or affected components are detailed. Without further data, the potential impact remains unclear.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory (WID-SEC-W-2026-1650) from the Bundesamt für Sicherheit in der Informationstechnik for current remediation guidance. No official fix or temporary mitigation has been indicated in the provided data.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_base
- Csaf Version
- 2.0
- Publisher
- Bundesamt für Sicherheit in der Informationstechnik
- Advisory Id
- WID-SEC-W-2026-1650
- Cve Count
- 6
- Additional Cves
- ["CVE-2026-6062","CVE-2026-6673","CVE-2026-8074","CVE-2026-9162","CVE-2026-22880"]
- Cvss Version
- null
Threat ID: 6a3aab58eed863c81e3a4be8
Added to database: 06/23/2026, 15:50:48 UTC
Last enriched: 06/23/2026, 15:55:05 UTC
Last updated: 06/26/2026, 20:56:20 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.