CVE-2026-6347 | Mattermost up to 10.11.13/11.4.3/11.5.1 Calls Plugin plaintext information disclosure

A vulnerability classified as problematic was found in Mattermost up to 10.11.13/11.4.3/11.5.1. Affected is an unknown function of the component Calls Plugin. Executing a manipulation of the argument plaintext can lead to information disclosure.

This vulnerability is tracked as CVE-2026-6347. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More