Mattermost Server 10.11.x <= 10.11.9 / 11.0.x <= 11.2.x Improper Access Control (MMSA-2025-00549)

Version 1.2

Feb 19, 2026, 12:02 PM

CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C")
CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C")
Exploit attributes ("Exploit available" set to "False")
Exploit attributes ("Exploitability ease" set to "No known exploits are available")