CyberRota
← Ana sayfaya dön

CVE-2026-8074

LOW · CVSS 3.8 EPSS %0.19

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-22T14:17:53.733 · Çekilme zamanı: 2026-06-30T18:29:12.019112+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-8074
Severity
LOW
CVSS
3.8
EPSS
%0.19

Orijinal NVD Açıklaması

Mattermost versions 11.7.x <= 11.7.0, 10.11.x <= 10.11.17 fail to enforce bot-specific permission checks on the user active status endpoint, which allows a User Manager with user management write access but no Integrations access to deactivate bot accounts via the PUT /api/v4/users/{id}/active API endpoint.. Mattermost Advisory ID: MMSA-2026-00667