Security Advisory

CVE-2026-3109

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-26 16:28:07

Last updated 2026-03-26 19:52:11

Assigner Mattermost

State PUBLISHED

Description

Mattermost Plugins versions <=11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584

← Browse all CVEs View on cve.org ↗