Back to overview

CVE-2026-8075

MEDIUM
6.5
CVSS 3.1
Description
Mattermost Desktop App versions <=6.2 5.5.13 6.0.2.0 fail to properly null check when checking for headers in the Mattermost Desktop App which allows any user to crash another channel members Desktop App via posting a malicious link with an embedded image that misses one of those headers. Mattermost Advisory ID: MMSA-2026-00668

Metadata

CVE ID
CVE-2026-8075
State
PUBLISHED
Assigner
Mattermost
Reserved
2026-05-07 10:57 UTC
Published
2026-07-17 10:05 UTC
Last updated
2026-07-17 12:53 UTC
Primary CWE
CWE-754
CWE-754: Improper Check for Unusual or Exceptional Condition…
Vendor / Product
Mattermost / Mattermost
Sources
cve.org  ·  NVD

Severity & Metrics

6.5 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SSVC — CISA Coordinator
Exploitation
none
Automatable
no
Tech. Impact
partial
Affected products (1)
VendorProductPlatformVersions
Mattermost Mattermost 0 ≤ 5.5.13, 0 ≤ 6.0.2, 6.3.0, 5.13.6.0 …
Weakness (CWE)
CWESourceDescription
CWE-754 cna CWE-754: Improper Check for Unusual or Exceptional Conditions
CVSS scores (1)
ScoreSeverityVersionSourceVector
6.5 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References (1)
Back to overview