CVE-2025-13870 | Mattermost up to 10.5.12/10.11.4 missing authentication

December 2, 2025 Yanac

A vulnerability was found in Mattermost up to 10.5.12/10.11.4. It has been rated as critical. The impacted element is an unknown function. This manipulation causes missing authentication.

This vulnerability appears as CVE-2025-13870. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More

CVE-2025-13872 | ObjectPlanet Opinio 7.26 rev12562 Import server-side request forgery
CVE-2025-13877 | nocobase up to 1.9.4/2.0.0-alpha.37 JWT Service jwt-service.ts API_KEY hard-coded key