Path traversal in integration action URL leading to arbitrary API...

8 / 10

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

Description

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to check integration URL for path traversal which allows an malicious authenticated user to call an arbitrary API via system admin Mattermost auth token using via path traversal in integration action URL.. Mattermost Advisory ID: MMSA-2026-00640

Basic Information

ID CVE-2026-4858

Source Mattermost

Published May 21, 2026 at 08:12

Affected Product

Vendor Mattermost

Product Mattermost

Version 11.6.0

Affected Versions Mattermost Mattermost 11.6.0
Mattermost Mattermost 11.5.0
Mattermost Mattermost 11.4.0
Mattermost Mattermost 10.11.0

CWE Classification

CWE-22

References

mattermost.com /security-updates

{
    "lastseen": "",
    "description": "Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to check integration URL for path traversal which allows an malicious authenticated user  to call an arbitrary API via system admin Mattermost auth token using via path traversal in integration action URL.. Mattermost Advisory ID: MMSA-2026-00640",
    "published": "2026-05-21T08:12:11.176Z",
    "modified": "2026-05-21T08:12:11.176Z",
    "type": "cve",
    "title": "Path traversal in integration action URL leading to arbitrary API execution via system admin\u2019s auth token.",
    "source": "Mattermost",
    "references": "https://mattermost.com/security-updates",
    "id": "CVE-2026-4858",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "Mattermost Mattermost 11.6.0\nMattermost Mattermost 11.5.0\nMattermost Mattermost 11.4.0\nMattermost Mattermost 10.11.0",
    "sourceHref": "",
    "cvss": {
        "score": 8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Mattermost",
    "version": "11.6.0",
    "vendor": "Mattermost",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Path traversal in integration action URL leading to arbitrary API execution via system admin’s auth token._CVE-2026-4858