CVE-2025-1398

Publication date

2025-03-17 14:19:51

Family

Mattermost

State

PUBLISHED

Description

Mattermost Desktop App versions <=5.10.0 explicitly declared unnecessary macOS entitlements which allows an attacker with remote access to bypass Transparency, Consent, and Control (TCC) via code injection.