CVE-2025-41423 | Mattermost up to 9.11.10/10.4.2/10.5.0 API Endpoint ignore-thread authorization

A vulnerability was found in Mattermost up to 9.11.10/10.4.2/10.5.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /plugins/playbooks/api/v0/signal/keywords/ignore-thread of the component API Endpoint. The manipulation leads to incorrect authorization.

This vulnerability is known as CVE-2025-41423. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More