Ctrl + K
/ news / CVE
CVEPublished 2026-05-21Modified 2026-05-211 article on news7 live referencesNVD data

CVE-2026-4858Mattermost · Mattermost_server

Vulnerability data via NVD (ingested)

CVSS v3.1
8.0
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
EPSS percentile
Weaknesses (CWE)
CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to check integration URL for path traversal which allows an malicious authenticated user to call an arbitrary API via system admin Mattermost auth token using via path traversal in integration action URL.. Mattermost Advisory ID: MMSA-2026-00640

Timeline
Published 2026-05-21
Modified 2026-05-21

External references

NVDMITREExploit-DBGitHub PoCSploitustrickest/cveVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts
vuln:CVE-2026-4858
Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · product
product:"Mattermost Mattermost Server"
All exposed Mattermost Mattermost Server instances — cross-reference with the CVE's affected-version range.
Shodan · banner/body mention
http.html:"Mattermost Server"
HTTP body or banner mentions "Mattermost Server" — catches deploys Shodan didn't identify as a product.
More intel sources (5)
Shodan report
vuln:CVE-2026-4858
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2026-4858
Censys host search filtered to this CVE id.
grep.app
CVE-2026-4858
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2026-4858
GitHub code search for direct mentions.
Google dork
"CVE-2026-4858" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub (8)

CVE-2026-48588 repos
yks0000/starred-repo-tocGo
Generates Markdown table for all Starred Repositories by a GitHub user.
★ 44·updated 1d ago
arnika-project/arnikaGo
Arnika - Quantum secure VPN
★ 38·updated 1mo ago
mooyoul/awesome-starsunknown
A curated list of my GitHub stars
★ 21·updated 1d ago
hugefiver/mystarsunknown
★ 16·updated 1d ago
oslook/n8n-workflowsunknown
4200 + Workflow Automation Templates are Grouped by Categories/Services for easy navigation
★ 6·updated 10mo ago
liuzhen9320/zstarunknown
They said organizing stars was extremely troublesome, so I lent a hand.
★ 5·updated 1d ago
timoguin/starsunknown
My starred repositories
★ 4·updated 2d ago
renaudallard/reolink_firmwaresPython
analysis of reolink firmwares
★ 2·updated 3mo ago
Articles on news mentioning CVE-2026-4858