CVE-2025-9079 | Mattermost up to 9.11.17/10.5.8/10.8.3/10.9.3/10.10.1 Plugin path traversal

A vulnerability was found in Mattermost up to 9.11.17/10.5.8/10.8.3/10.9.3/10.10.1. It has been declared as critical. The affected element is an unknown function of the component Plugin Handler. Such manipulation leads to path traversal.

This vulnerability is referenced as CVE-2025-9079. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More