CVE-2026-3114 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Mattermost versions 11.4.x
Medium CVSS: 6.5

CVE-2026-3114

Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to validate decompressed archive entry sizes during file extraction which allows authenticated users with file upload permissions to cause a denial of service via crafted zip archives containing highly compressed entries (zip bombs) that exhaust server memory.. Mattermost Advisory ID: MMSA-2026-00598
Vendor
Mattermost
Product
Mattermost Server
CWE
CWE-409
Yayın Tarihi
2026-03-26 17:16:42
Güncelleme
2026-03-30 19:40:45
Source Identifier
responsibledisclosure@mattermost.com
KEV Date Added
-

Kategoriler

CWE-409 Mattermost Server MEDIUM Mattermost 2026

Referanslar

https://mattermost.com/security-updates