CVE-2026-28735

Summary

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to gain access to private repositories via modifying the scope parameter in the GitHub authorization URL.. Mattermost Advisory ID: MMSA-2026-00628

Affected Software

VendorProductVersion RangeStatus
MattermostMattermost11.6.0 <= 11.6.0affected
MattermostMattermost11.5.0 <= 11.5.3affected
MattermostMattermost11.4.0 <= 11.4.4affected
MattermostMattermost10.11.0 <= 10.11.14affected
MattermostMattermost11.7.0unaffected
MattermostMattermost11.6.1unaffected
MattermostMattermost11.5.4unaffected
MattermostMattermost11.4.5unaffected
MattermostMattermost10.11.15unaffected

Weaknesses

  • CWE-863: CWE-863: Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References