Total CVEs

130,823

Critical Severity

2,726

High Severity

9,741

Last 7 Days

761
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 41 - 43 of 43 CVEs
CVE-2026-0997 MEDIUM - 4.3

Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 and Mattermost Plugin Zoom versions <=1.11.0 fail to validate the authenticated user when processing {{/plugins/zoom/api/v1/channel-preference}}, which allows any logged-in user to change Zoom meeting restrictions...

Vendor: mattermost
Product: mattermost_server
Published: Feb 16, 2026
Source: NVD
CVE-2025-14435 MEDIUM - 6.5

Mattermost versions 10.11.x <= 10.11.8, 11.1.x <= 11.1.1, 11.0.x <= 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops.

Vendor: mattermost
Product: mattermost_server
Published: Jan 16, 2026
Source: NVD
CVE-2025-14822 MEDIUM - 6.5

Mattermost versions 10.11.x <= 10.11.8 fail to validate input size before processing hashtags which allows an authenticated attacker to exhaust CPU resources via a single HTTP request containing a post with thousands space-separated tokens

Vendor: mattermost
Product: mattermost_server
Published: Jan 16, 2026
Source: NVD