CVE-2026-8075

Summary

Mattermost Desktop App versions <=6.2 5.5.13 6.0.2.0 fail to properly null check when checking for headers in the Mattermost Desktop App which allows any user to crash another channel members Desktop App via posting a malicious link with an embedded image that misses one of those headers. Mattermost Advisory ID: MMSA-2026-00668

Affected Software

VendorProductVersion RangeStatus
MattermostMattermost0 <= 5.5.13affected
MattermostMattermost0 <= 6.0.2affected
MattermostMattermost6.3.0unaffected
MattermostMattermost5.13.6.0unaffected
MattermostMattermost6.2.1.0unaffected

Weaknesses

  • CWE-754: CWE-754: Improper Check for Unusual or Exceptional Conditions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References