CVE-2026-6333 | Mattermost up to 10.11.13/11.5.1 Slash Command server-side request forgery

A vulnerability identified as critical has been detected in Mattermost up to 10.11.13/11.5.1. Impacted is an unknown function of the component Slash Command Handler. The manipulation leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2026-6333. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More