Mattermost Desktop
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Mattermost Desktop.
By the Year
In 2025 there have been 0 vulnerabilities in Mattermost Desktop. Last year, in 2024 Mattermost Desktop had 5 security vulnerabilities published. Right now, Mattermost Desktop is on track to have less security vulnerabilities in 2025 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 5 | 5.80 |
2023 | 4 | 5.38 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Mattermost Desktop vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Mattermost Desktop Security Vulnerabilities
Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which
CVE-2024-45835
6.5 - Medium
- September 16, 2024
Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access.
Mattermost Desktop App versions <=5.8.0 fail to safeguard screen capture functionality which
CVE-2024-39772
5.3 - Medium
- September 16, 2024
Mattermost Desktop App versions <=5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs.
Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of a user's machine to cause remote code execution on
CVE-2024-39613
7.8 - High
- September 16, 2024
Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of a user's machine to cause remote code execution on that machine.
DLL preloading
Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which
CVE-2024-37182
6.1 - Medium
- June 14, 2024
Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI schemes.
Mattermost Desktop App versions <=5.7.0 fail to disable certain Electron debug flags which
CVE-2024-36287
3.3 - Low
- June 14, 2024
Mattermost Desktop App versions <=5.7.0 fail to disable certain Electron debug flags which allows for bypassing TCC restrictions on macOS.
Mattermost fails to properly validate a RegExp built off the server URL path
CVE-2023-5876
5.3 - Medium
- November 02, 2023
Mattermost fails to properly validate a RegExp built off the server URL path, allowing an attacker in control of an enrolled server to mount a Denial Of Service.
Mattermost Desktop fails to correctly handle permissions or prompt the user for consent on certain sensitive ones
CVE-2023-5875
5.3 - Medium
- November 02, 2023
Mattermost Desktop fails to correctly handle permissions or prompt the user for consent on certain sensitive ones allowing media exploitation from a malicious mattermost server
Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged
CVE-2023-5339
5.5 - Medium
- October 17, 2023
Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged.
Insertion of Sensitive Information into Log File
Mattermost Desktop App fails to validate a mattermost server redirection and navigates to an arbitrary website
CVE-2023-2000
5.4 - Medium
- May 02, 2023
Mattermost Desktop App fails to validate a mattermost server redirection and navigates to an arbitrary website
Open Redirect
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Mattermost Desktop or by Mattermost? Click the Watch button to subscribe.