CVE-2026-3473

Source
https://cve.org/CVERecord?id=CVE-2026-3473
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3473.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-3473
Aliases
Published
2026-05-22T10:27:02.600Z
Modified
2026-07-08T08:12:52.593824646Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N CVSS Calculator
Summary
Improper file ownership validation in the Boards API allows unauthorised file access
Details

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate file ownership and access control, which allows an authenticated user to access and download files belonging to other users or teams via crafted Boards API requests using valid file IDs.. Mattermost Advisory ID: MMSA-2026-00620

Database specific
{
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "introduced": "11.6.0"
                },
                {
                    "last_affected": "11.6.0"
                },
                {
                    "introduced": "11.5.0"
                },
                {
                    "last_affected": "11.5.3"
                },
                {
                    "introduced": "11.4.0"
                },
                {
                    "last_affected": "11.4.4"
                },
                {
                    "introduced": "10.11.0"
                },
                {
                    "last_affected": "10.11.14"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/3xxx/CVE-2026-3473.json",
    "cna_assigner": "Mattermost",
    "cwe_ids": [
        "CWE-639"
    ]
}
References

Affected packages

Git / github.com/mattermost/mattermost

Affected ranges

Type
GIT
Repo
https://github.com/mattermost/mattermost
Events
Database specific
{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "10.11.0"
        },
        {
            "fixed": "10.11.15"
        },
        {
            "introduced": "11.4.0"
        },
        {
            "fixed": "11.4.5"
        },
        {
            "introduced": "11.5.0"
        },
        {
            "fixed": "11.5.4"
        },
        {
            "introduced": "11.6.0"
        },
        {
            "fixed": "11.6.1"
        }
    ]
}

Affected versions

@mattermost/client@10.*
@mattermost/client@10.11.0
@mattermost/client@11.*
@mattermost/client@11.4.0
@mattermost/types@10.*
@mattermost/types@10.11.0
@mattermost/types@11.*
@mattermost/types@11.4.0
mattermost-redux@10.*
mattermost-redux@10.11.0
mattermost-redux@11.*
mattermost-redux@11.4.0
v10.*
v10.11.0
v10.11.0-rc3
v10.11.1
v10.11.1-rc1
v10.11.10
v10.11.11
v10.11.11-rc1
v10.11.11-rc2
v10.11.12
v10.11.13
v10.11.13-rc1
v10.11.14
v10.11.14-rc1
v10.11.2
v10.11.2-rc1
v10.11.2-rc2
v10.11.3
v10.11.4
v10.11.4-rc1
v10.11.4-rc2
v10.11.4-rc3
v10.11.5
v10.11.6
v10.11.7
v10.11.8
v10.11.9
v10.11.9-rc1
v11.*
v11.4.0
v11.4.0-rc3
v11.4.1
v11.4.1-rc1
v11.4.1-rc2
v11.4.2
v11.4.3
v11.4.4
v11.5.0
v11.5.1
v11.5.2
v11.5.2-rc1
v11.5.2-rc2
v11.5.2-rc3
v11.5.3
v11.6.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3473.json"