CVE-2025-14822
Mattermost versions 10.11.x <= 10.11.8 fail to validate input size before processing hashtags which allows an authenticated attacker to exhaust CPU resources via a single HTTP request containing a post with thousands space-separated tokens
Vendor
Product
CWE
Yayın Tarihi
2026-01-16 09:16:01
Güncelleme
2026-01-20 15:11:19
Source Identifier
responsibledisclosure@mattermost.com
KEV Date Added
-