Mattermost 10.11-11.5 Response Validation Flaw Enables Client DoS with SVG
CVE-2026-4054 Published on May 15, 2026
SVG content served through Mattermost image proxy despite Content-Type restrictions causes client-side denial of service
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 Fail to validate the response body of proxied images, which allows a remote attacker to enact client-side DoS via an SVG file served from an attacker-controlled origin under a non-SVG Content-Type header (e.g. image/png) embedded in an og:image meta tag or Markdown image link.. Mattermost Advisory ID: MMSA-2026-00630
Vulnerability Analysis
CVE-2026-4054 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a small impact on availability.
Weakness Type
Improper Check for Unusual or Exceptional Conditions
The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.
Products Associated with CVE-2026-4054
Want to know whenever a new CVE is published for MatterMost? stack.watch will email you.
Affected Versions
Mattermost:- Version 11.5.0, <= 11.5.1 is affected.
- Version 10.11.0, <= 10.11.13 is affected.
- Version 11.4.0, <= 11.4.3 is affected.
- Version 11.6.0 is unaffected.
- Version 11.5.2 is unaffected.
- Version 10.11.14 is unaffected.
- Version 11.4.4 is unaffected.