CVE-2026-1046

Publication date

2026-02-16 12:10:38

Family

Mattermost

State

PUBLISHED

Description

Mattermost Desktop App versions <=6.0 6.2.0 5.2.13.0 fail to validate help links which allows a malicious Mattermost server to execute arbitrary executables on a user’s system via the user clicking on certain items in the Help menu Mattermost Advisory ID: MMSA-2026-00577