Threat Intelligence Database

Mattermost versions 10.11.x up to 10.11.18, 11.6.x up to 11.6.3, and 11.5.x up to 11.5.6 contain a vulnerability where markdown image rendering restrictions are not properly applied to AI bot tool result posts. This flaw allows an authenticated attacker to exfiltrate data by injecting markdown image syntax into tool result content, which is then rendered by a victim's client. The vulnerability is classified as low severity and does not impact integrity or availability.

Mattermost versions 10.11.x up to 10.11.18, 11.6.x up to 11.6.3, and 11.5.x up to 11.5.6 contain a vulnerability in the Mattermost Agents plugin MCP server. The vulnerability allows an attacker with access to the MCP server in stdio mode to perform server-side request forgery (SSRF) by supplying internal URLs as file attachments in post creation requests. This occurs because the plugin fails to validate attachment URLs against internal or private IP ranges. The vulnerability can lead to exfiltration of data from internal network services.

Multiple vulnerabilities have been identified in Mattermost, a web-based instant messaging service, affecting its Desktop, Server, and Mobile versions. The advisory from the Bundesamt für Sicherheit in der Informationstechnik references six CVEs but does not provide detailed technical descriptions or CVSS scores. No affected versions or patch information are specified. There are no known exploits in the wild at this time.