github.com/mattermost/mattermost/server/v8 vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2025-2527Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost Fails to Verify User's Permissions When Accessing GroupsCVE-2025-3446Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost Fails to Validate Team Invite PermissionsCVE-2025-31947Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost Fails to Lockout LDAP Users After Repeated Login FailuresCVE-2025-41395Mediumgithub.com/mattermost/mattermost-plugin-playbooks: Mattermost Playbooks fails to properly validate the props used by the RetrospectivePost custom post…CVE-2025-41423Lowgithub.com/mattermost/mattermost-plugin-playbooks: Mattermost Playbooks fails to properly validate permissionsCVE-2025-35965Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost Playbooks fails to validate the uniqueness and quantity of task actionsCVE-2025-2564Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost Incorrect Authorization vulnerabilityCVE-2025-27936Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost vulnerable to Observable Timing DiscrepancyCVE-2025-31363Lowgithub.com/mattermost/mattermost/server/v8: Mattermost doesn't restrict domains LLM can request to contact upstreamCVE-2025-27571Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost Incorrect Authorization vulnerabilityCVE-2025-24839Lowgithub.com/mattermost/mattermost/server/v8: Mattermost Incorrect Authorization vulnerabilityCVE-2025-27538Lowgithub.com/mattermost/mattermost/server/v8: Mattermost Missing Authentication for Critical FunctionCVE-2025-2424Lowgithub.com/mattermost/mattermost/server/v8: Mattermost Incorrect Authorization vulnerabilityCVE-2025-2475Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost vulnerable to Incorrect Implementation of Authentication AlgorithmCVE-2025-32093Mediumgithub.com/mattermost/mattermost-server: Mattermost Fails to Restrict Certain Operations on System AdminsCVE-2025-24866Lowgithub.com/mattermost/mattermost/server/v8: Mattermost Fails to Enforce Proper Access Controls on `/api/v4/audits` EndpointCVE-2025-30179Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost Fails to Enforce Certain Search APIsCVE-2025-27933Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost allows members with permission to convert public channels to private and convert private…CVE-2025-27715Lowgithub.com/mattermost/mattermost/server/v8: Mattermost fail to prompt for explicit approval before adding a team admin to a private channelCVE-2025-24920Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost Fails to Restrict Bookmark Creation and Updates in Archived ChannelsCVE-2025-25068Highgithub.com/mattermost/mattermost/server/v8: Mattermost Fails to Enforce MFA on Plugin EndpointsCVE-2025-25274Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost Fails to Restrict Command Execution in Archived ChannelsCVE-2025-1472Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost Fails to Properly Perform Viewer Role AuthorizationCVE-2025-24526Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost fails to restrict channel export of archived channelsCVE-2025-25279Criticalgithub.com/mattermost/mattermost/server/v8: Mattermost allows reading arbitrary files related to importing boards

Stop the waste.
Protect your environment with Kodem.