CVE-2026-28732

Source
https://cve.org/CVERecord?id=CVE-2026-28732
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-28732.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-28732
Aliases
Published
2026-05-18T08:35:40.393Z
Modified
2026-07-08T08:00:00.425795716Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
Slash command trigger-word update allowed command hijacking
Details

Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 Fail to enforce slash command trigger-word uniqueness during command updates which allows an authenticated team member with Manage Own Slash Commands permission to hijack and impersonate existing system or custom slash commands via editing their own slash command trigger to an already-registered trigger through the command update API. Mattermost Advisory ID: MMSA-2026-00597

Database specific
{
    "cna_assigner": "Mattermost",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/28xxx/CVE-2026-28732.json",
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "11.5.0"
                },
                {
                    "last_affected": "11.5.1"
                },
                {
                    "introduced": "10.11.0"
                },
                {
                    "last_affected": "10.11.13"
                },
                {
                    "introduced": "11.4.0"
                },
                {
                    "last_affected": "11.4.3"
                }
            ],
            "source": "AFFECTED_FIELD"
        }
    ],
    "cwe_ids": [
        "CWE-863"
    ]
}
References

Affected packages

Git / github.com/mattermost/mattermost

Affected ranges

Type
GIT
Repo
https://github.com/mattermost/mattermost
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "10.11.0"
        },
        {
            "fixed": "10.11.14"
        },
        {
            "introduced": "11.4.0"
        },
        {
            "fixed": "11.4.4"
        },
        {
            "introduced": "11.5.0"
        },
        {
            "fixed": "11.5.2"
        }
    ],
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*"
}

Affected versions

@mattermost/client@10.*
@mattermost/client@10.11.0
@mattermost/client@11.*
@mattermost/client@11.4.0
@mattermost/types@10.*
@mattermost/types@10.11.0
@mattermost/types@11.*
@mattermost/types@11.4.0
mattermost-redux@10.*
mattermost-redux@10.11.0
mattermost-redux@11.*
mattermost-redux@11.4.0
v10.*
v10.11.0
v10.11.0-rc3
v10.11.1
v10.11.1-rc1
v10.11.10
v10.11.11
v10.11.11-rc1
v10.11.11-rc2
v10.11.12
v10.11.13
v10.11.13-rc1
v10.11.14-rc1
v10.11.2
v10.11.2-rc1
v10.11.2-rc2
v10.11.3
v10.11.4
v10.11.4-rc1
v10.11.4-rc2
v10.11.4-rc3
v10.11.5
v10.11.6
v10.11.7
v10.11.8
v10.11.9
v10.11.9-rc1
v11.*
v11.4.0
v11.4.0-rc3
v11.4.1
v11.4.1-rc1
v11.4.1-rc2
v11.4.2
v11.4.3
v11.5.0
v11.5.1
v11.5.2-rc1
v11.5.2-rc2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-28732.json"