CVE-2026-2578
Mattermost versions 11.3.x <= 11.3.0 fail to preserve the redacted state of burn-on-read posts during deletion which allows channel members to access unrevealed burn-on-read message contents via the WebSocket post deletion event.. Mattermost Advisory ID: MMSA-2026-00579
Vendor
Product
CWE
Yayın Tarihi
2026-03-16 14:19:30
Güncelleme
2026-03-18 17:42:38
Source Identifier
responsibledisclosure@mattermost.com
KEV Date Added
-