Security Advisory

CVE-2025-14822

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-16 08:52:43

Last updated 2026-01-16 13:00:45

Assigner Mattermost

State PUBLISHED

Description

Mattermost versions 10.11.x <= 10.11.8 fail to validate input size before processing hashtags which allows an authenticated attacker to exhaust CPU resources via a single HTTP request containing a post with thousands space-separated tokens

← Browse all CVEs View on cve.org ↗