CVE-2025-1398 Information

Description

Mattermost Desktop App versions <=5.10.0 explicitly declared unnecessary macOS entitlements which allows an attacker with remote access to bypass Transparency Consent and Control (TCC) via code injection.

Reference

https://mattermost.com/security-updates