[Git][security-tracker-team/security-tracker][master] Process some new mattermost-server issues

Salvatore Bonaccorso (@carnil) Mon, 16 Mar 2026 14:34:41 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ce799d4c by Salvatore Bonaccorso at 2026-03-16T22:33:37+01:00
Process some new mattermost-server issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -115,23 +115,23 @@ CVE-2026-30875 (Chamilo LMS is a learning management 
system. Prior to version 1.
 CVE-2026-30405 (An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to 
cause a d ...)
        TODO: check
 CVE-2026-2578 (Mattermost versions 11.3.x <= 11.3.0 fail to preserve the 
redacted sta ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-2476 (Mattermost Plugins versions <=2.0.3.0 fail to properly mask 
sensitive  ...)
        NOT-FOR-US: Mattermost Plugins
 CVE-2026-2463 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x 
<= 10. ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-2462 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x 
<= 10. ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-2461 (Mattermost Plugins versions <=11.3 11.0.3 11.2.2 10.10.11.0 
fail to im ...)
        NOT-FOR-US: Mattermost Plugins
 CVE-2026-2458 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x 
<= 10. ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-2457 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x 
<= 10. ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-2456 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x 
<= 10. ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-2455 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x 
<= 10. ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-2326
        REJECTED
 CVE-2026-29521 (Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a 
cross-s ...)
@@ -153,27 +153,27 @@ CVE-2026-28430 (Chamilo LMS is a learning management 
system. Prior to version 1.
 CVE-2026-27962 (Authlib is a Python library which builds OAuth and OpenID 
Connect serv ...)
        TODO: check
 CVE-2026-26304 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2 fail to 
verify  ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-26246 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 
10.11.x <= 10. ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-25783 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 
10.11.x <= 10. ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-25780 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 
10.11.x <= 10. ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-25369 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24692 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 
10.11.x <= 10. ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-24458 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 
10.11.x <= 10. ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-23862 (Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain 
an Impro ...)
        NOT-FOR-US: Dell / EMC
 CVE-2026-23489 (Fields is a GLPI plugin that allows users to add custom fields 
on GLPI ...)
        NOT-FOR-US: GLPI plugin
 CVE-2026-22545 (Mattermost versions 10.11.x <= 10.11.10 fail to validate 
user's authen ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2026-21386 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 
10.11.x <= 10. ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2025-69809 (A write-what-where condition in p2r3 Bareiron commit 8e4d40 
allows una ...)
        TODO: check
 CVE-2025-69808 (An out-of-bounds memory access (OOB) in p2r3 Bareiron commit 
8e4d40 al ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce799d4cc9f474bb3492c7c67ec54442d30a7b98

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce799d4cc9f474bb3492c7c67ec54442d30a7b98
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some new mattermost-server issues

Reply via email to