Security Advisory

CVE-2026-27769

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-15 10:11:07

Last updated 2026-04-15 13:08:35

Assigner Mattermost

State PUBLISHED

Description

Mattermost versions 10.11.x <= 10.11.12 fail to validate whether users were correctly owned by the correct Connected Workspace which allows a malicious remote server connected using the Conntexted Workspaces feature to change the displayed status of local users via the Connected Workspaces API.. Mattermost Advisory ID: MMSA-2026-00603

← Browse all CVEs View on cve.org ↗