CVE Catalog

CVE-2026-3472

Severity: Low (CVSS 3.5)

Exploitation Probability (EPSS)

Low risk
0.19%

9th percentile — higher than 9% of all known CVEs

Summary

A vulnerability in Mattermost allows an authenticated attacker to exfiltrate data by injecting Markdown image syntax into AI bot tool result posts. Markdown image rendering restrictions are not properly applied to AI bot tool result posts, enabling data leakage to an attacker-controlled server when rendered by a victim's client.

Risk Assessment

The risk involves potential leakage of sensitive organizational data (e.g., tokens, internal messages) to an external attacker-controlled server without user awareness. The attack requires only an authenticated account and can be executed by sending a crafted AI tool result.

Recommendation

Immediately upgrade Mattermost to version 10.11.19, 11.6.4, 11.5.7 or later, as per the vendor advisory (MMSA-2026-00619). After updating, verify that Markdown rendering restrictions are correctly applied to all post types.

Original NVD description (English source)

Mattermost versions 10.11.x <= 10.11.18, 11.6.x <= 11.6.3, 11.5.x <= 11.5.6 fail to properly apply markdown image rendering restrictions to AI bot tool result posts, which allows an authenticated attacker to exfiltrate data to an attacker-controlled server via injecting markdown image syntax into tool result content rendered by a victim's client. Mattermost Advisory ID: MMSA-2026-00619

Vulnerability data from NVD (NIST) · CISA KEV · EPSS