Package impact
Go / github.com/mattermost/focalboard
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-25773 | medium | 6.5 | 6.5 | 2mo ago | Focalboard doesn't sanitize category IDs before incorporating them into dynamic SQL statements | |
| CVE-2026-28736 | medium | 4.3 | 4.3 | 2mo ago | Focalboard doesn't validate file ownership when serving uploaded files |