[Git][security-tracker-team/security-tracker][master] Add new issues for mattermost-server, itp'ed

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon May 18 20:16:47 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e7abcab by Salvatore Bonaccorso at 2026-05-18T21:16:31+02:00
Add new issues for mattermost-server, itp'ed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,35 +17,35 @@ CVE-2026-7301 (SGLangs multimodal generation runtime scheduler's ROUTER socket b
 CVE-2026-6902 (A vulnerability in Command-Line Client in P4 Server prior to the 2025. ...)
 	TODO: check
 CVE-2026-6347 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-6346 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-6345 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-6343 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-6342 (Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 fail to ap ...)
 	TODO: check
 CVE-2026-6341 (Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 fail to ha ...)
 	TODO: check
 CVE-2026-6340 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-6339 (Mattermost versions 11.5.x <= 11.5.1, 11.4.x <= 11.4.3 fail to validat ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-6334 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to enfo ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-6333 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to vali ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-5163 (Mattermost versions 11.5.x <= 11.5.1 fail to verify channel membership ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-4643 (Mattermost Desktop App versions <=6.1 6.0.1 5.4.13.0 fail to prevent s ...)
 	TODO: check
 CVE-2026-4320 (Authorization Bypass vulnerability in Creartia's ICMS software could a ...)
 	TODO: check
 CVE-2026-4286 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to chec ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-4273 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to vali ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-45829 (A pre-authentication, code injection vulnerability in version 1.0.0 or ...)
 	TODO: check
 CVE-2026-45495 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability)
@@ -75,9 +75,9 @@ CVE-2026-41119 (Dell Live Optics Windows and Personal Edition collectors contain
 CVE-2026-41085 (Thermo Fisher Scientific Torrent Suite Dx through 5.14.2 has a privile ...)
 	TODO: check
 CVE-2026-3637 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-3495 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to esca ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-3471 (Mattermost Desktop App versions <=6.1 6.0.1 5.4.13.0 fail to prevent a ...)
 	TODO: check
 CVE-2026-3117 (Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 fail to pr ...)
@@ -93,7 +93,7 @@ CVE-2026-32849 (NetBSD prior to commit ec8451e contains a signed integer overflo
 CVE-2026-32848 (NetBSD prior to commit ec8451e contains a race condition vulnerability ...)
 	TODO: check
 CVE-2026-2325 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-29965 (HSC MailInspector 5.3.3-7 is vulnerable to Cross Site Scripting (XSS)  ...)
 	TODO: check
 CVE-2026-29964 (HSC MailInspector v5.3.3-7 contains a Cross-Site Scripting (XSS) vulne ...)
@@ -103,9 +103,9 @@ CVE-2026-29963 (HSC MailInspector 5.3.3-7 has a Path Traversal vulnerability due
 CVE-2026-29962 (HSC MailInspector v5.3.3-7 contains a Local File Inclusion (LFI) vulne ...)
 	TODO: check
 CVE-2026-28759 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-28732 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2026-26462 (Offline Hospital Management System 5.3.0 allows remote code execution  ...)
 	TODO: check
 CVE-2026-20685 (An attacker in a privileged network position may be able to leak sensi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e7abcab6a4f8717098fc4dd99d8b624122d6bf2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e7abcab6a4f8717098fc4dd99d8b624122d6bf2
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260518/f38148c0/attachment.htm>

More information about the debian-security-tracker-commits mailing list