CyberRota
← Ana sayfaya dön

CVE-2026-10103

MEDIUM · CVSS 4.3

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-13T09:16:23.653 · Çekilme zamanı: 2026-07-13T12:06:19.403089+00:00

CyberRota Yorumu

Uzaktan istismar edilebilir olabilir.

CVE
CVE-2026-10103
Severity
MEDIUM
CVSS
4.3
EPSS
Yok

Orijinal NVD Açıklaması

Mattermost versions 11.7.x <= 11.7.2, 11.6.x <= 11.6.4, 10.11.x <= 10.11.19 fail to verify post ownership in the shared channel inbound sync handler, which allows an authenticated remote cluster to modify or delete posts authored by local users or other remotes via crafted sync messages referencing arbitrary post IDs in channels shared with that remote.. Mattermost Advisory ID: MMSA-2026-00689