CVE-2026-3115

Source
https://cve.org/CVERecord?id=CVE-2026-3115
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3115.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-3115
Aliases
Published
2026-03-26T16:23:05.887Z
Modified
2026-07-08T08:05:02.382128830Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
Guest users can view group member IDs without respecting view restrictions
Details

Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to apply view restrictions when retrieving group member IDs, which allows authenticated guest users to enumerate user IDs outside their allowed visibility scope via the group retrieval endpoint.. Mattermost Advisory ID: MMSA-2026-00594

Database specific
{
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "introduced": "11.2.0"
                },
                {
                    "last_affected": "11.2.2"
                },
                {
                    "introduced": "10.11.0"
                },
                {
                    "last_affected": "10.11.10"
                },
                {
                    "introduced": "11.4.0"
                },
                {
                    "last_affected": "11.4.0"
                },
                {
                    "introduced": "11.3.0"
                },
                {
                    "last_affected": "11.3.1"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/3xxx/CVE-2026-3115.json",
    "cna_assigner": "Mattermost",
    "cwe_ids": [
        "CWE-863"
    ]
}
References

Affected packages

Git / github.com/mattermost/mattermost

Affected ranges

Type
GIT
Repo
https://github.com/mattermost/mattermost
Events
Database specific
{
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ],
    "cpe": [
        "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:mattermost:mattermost_server:11.4.0:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "10.11.0"
        },
        {
            "fixed": "10.11.11"
        },
        {
            "introduced": "11.2.0"
        },
        {
            "fixed": "11.2.3"
        },
        {
            "introduced": "11.3.0"
        },
        {
            "fixed": "11.3.2"
        },
        {
            "introduced": "11.4.0"
        },
        {
            "last_affected": "11.4.0"
        }
    ]
}

Affected versions

11.*
11.4.0
@mattermost/client@10.*
@mattermost/client@10.11.0
@mattermost/client@11.*
@mattermost/client@11.3.0
@mattermost/types@10.*
@mattermost/types@10.11.0
@mattermost/types@11.*
@mattermost/types@11.3.0
mattermost-redux@10.*
mattermost-redux@10.11.0
mattermost-redux@11.*
mattermost-redux@11.3.0
v10.*
v10.11.0
v10.11.0-rc3
v10.11.1
v10.11.1-rc1
v10.11.10
v10.11.11-rc1
v10.11.2
v10.11.2-rc1
v10.11.2-rc2
v10.11.3
v10.11.4
v10.11.4-rc1
v10.11.4-rc2
v10.11.4-rc3
v10.11.5
v10.11.6
v10.11.7
v10.11.8
v10.11.9
v10.11.9-rc1
v11.*
v11.2.0
v11.2.1
v11.2.1-rc1
v11.2.2
v11.3.0
v11.3.0-rc3
v11.3.0-rc4
v11.3.1
v11.3.1-rc1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3115.json"