CNNVD-202601-2702 Information

CNNVD ID

CNNVD-202601-2702

Related CVE

CVE-2025-14822

• CNNVD Published: 2026-01-16

Description (Chinese)

Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost 10.11.8及之前的10.11.x版本存在安全漏洞，该漏洞源于处理主题标签前未验证输入大小，可能导致经过身份验证的攻击者通过单个HTTP请求耗尽CPU资源。

Description (English)

Mattermost is an open-source collaborative platform for Mattermost in the United States. There is a security loophole in Mettermost 10.11.8 and previous versions of 10.11.x, which stems from the unverified input size prior to the processing of the subject label, which may result in the individual HTTP request for the destruction of CPU resources.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Mattermost

Published

2026-01-16

Last Modified

2026-02-24

References

https://mattermost.com/security-updates https://access.redhat.com/security/cve/cve-2025-14822

Patch

https://mattermost.com/security-updates