Package impact
GO / github.com/mattermost/mattermost-server
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-3590 | medium | — | 5.5 | 1mo ago | Mattermost has session spoofing due to lack of single-use consumption of guest magic link tokens enforcement | |||
| CVE-2026-27769 | low | — | 2.5 | 1mo ago | Mattermost doesn't validate whether users were correctly owned by the correct Connected Workspace |