CVE-2025-2527 | Mattermost up to 9.11.11/10.5.2/10.6.x API authorization

Inserito da Angelo Barbosa | Mag 15, 2025 | CVE

A vulnerability was found in Mattermost up to 9.11.11/10.5.2/10.6.x and classified as problematic. Affected by this issue is some unknown functionality of the component API. The manipulation leads to incorrect authorization.

This vulnerability is handled as CVE-2025-2527. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-2527 | Mattermost up to 9.11.11/10.5.2/10.6.x API authorization

Post correlati

CVE-2024-46892 | Siemens SINEC INS up to 1.0 SP2 Update 2 session expiration (ssa-915275)

CVE-2023-52903 | Linux Kernel up to 5.10.164/5.15.88/6.1.6 io_uring/io_uring.c __io_cqring_overflow_flush Privilege Escalation

CVE-2024-41264 | Casdoor 1.636.0 ssh.InsecureIgnoreHostKey information disclosure

CVE-2024-36104 | Apache OFBiz up to 18.12.13 path traversal