CVE-2026-6957 | THREATINT

Description

Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federated Mattermost server to write files to arbitrary locations within the target server's filestore via a malicious filename delivered through the shared-channel attachment sync protocol. Mattermost Advisory ID: MMSA-2026-00659

PUBLISHED Reserved 2026-04-24 | Published 2026-05-27 | Updated 2026-05-28 | Assigner Mattermost

HIGH: 8.0CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Problem types

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status

unaffected

Any version

affected

unaffected

Credits

Hassan Mohammed finder

References

mattermost.com/security-updates (MMSA-2026-00659) vendor-advisory

cve.org (CVE-2026-6957)

nvd.nist.gov (CVE-2026-6957)

Download JSON