CVE-2025-14350 | Mattermost up to 10.11.9/11.1.2/11.2.1 Team Membership channel_mentions authorization

Inserito da Angelo Barbosa | Feb 16, 2026 | CVE

A vulnerability described as problematic has been identified in Mattermost up to 10.11.9/11.1.2/11.2.1. This impacts an unknown function of the component Team Membership Handler. Such manipulation of the argument channel_mentions leads to missing authorization.

This vulnerability is referenced as CVE-2025-14350. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is recommended.

CVE-2025-14350 | Mattermost up to 10.11.9/11.1.2/11.2.1 Team Membership channel_mentions authorization

Post correlati

CVE-2025-4233 | Palo Alto Prisma Access Browser 132.83.3017.1 cache containing sensitive information

CVE-2024-34402 | uriparser up to 0.9.7 UriQuery.c ComposeQueryEngine integer overflow (ID 183)

CVE-2024-41086 | Linux Kernel up to 6.9.7 bcachefs bch2_sb_downgrade_validate (bf920ed92ef2/692aa7a54b2b)

CVE-2024-45033 | Apache Airflow Fab Provider up to 1.5.1 session expiration