VIR Vulnerability Intelligence Relay

Package impact

golang GO / github.com/mattermost/mattermost-server

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-3590 medium 5.5 1mo ago Mattermost has session spoofing due to lack of single-use consumption of guest magic link tokens enforcement golang
CVE-2026-27769 low 2.5 1mo ago Mattermost doesn't validate whether users were correctly owned by the correct Connected Workspace golang