CyberRota
← Ana sayfaya dön

CVE-2026-9162

MEDIUM · CVSS 4.3 EPSS %0.20

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-22T14:17:55.910 · Çekilme zamanı: 2026-06-30T18:29:12.500625+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-9162
Severity
MEDIUM
CVSS
4.3
EPSS
%0.20

Orijinal NVD Açıklaması

Mattermost versions 11.7.x <= 11.7.0, 11.6.x <= 11.6.2, 11.5.x <= 11.5.5, 10.11.x <= 10.11.17 fail to invalidate cached authentication state for active WebSocket connections during global session revocation, which allows a user with an existing WebSocket connection to remain authenticated and continue receiving real-time events until the cached session expires or the client reconnects.. Mattermost Advisory ID: MMSA-2026-00664