CVEFinder.io

CVE-2025-13321

â„šī¸ low
🔍 Scan for this CVE
Summary

Mattermost Desktop App versions <6.0.0 fail to sanitize sensitive information from Mattermost logs and clear data on server deletion, which allows an attacker with access to the user's system to gain access to potentially sensitive information by reading the application logs.

CVSS Score: 3.3 (Low)
EPSS Score (Exploit Probability): 0.0
Published Date: 2025-12-17
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 2.8% of all 328,009 vulnerabilities in our database.

#318,817
Below average severity
Severity Percentile
🎯 CISA SSVC Assessment (Updated: Dec 17, 2025)
🔍 Exploitation Status: None (no known exploits)
⚙️ Automatable: NO (requires human interaction)
💥 Technical Impact: Partial (limited system impact)
🏆 Discovered By: Doyensec
SSVC data provided by CISA
Last Modified 2025-12-18
CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE IDs (Weakness Types)

📦 Affected Products 1

🔗 References 1

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-6517 🔶 medium 6.3 0.2 Mattermost Desktop App versions <=6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were... 2026-06-15
CVE-2026-8683 🔶 medium 6.5 0.2 Mattermost Desktop App versions <=6.1 5.5.13.0 fail to account for attempting to open extremely long URLs in the Matterm... 2026-06-15
CVE-2026-3471 🔶 medium 6.5 0.0 Mattermost Desktop App versions <=6.1 6.0.1 5.4.13.0 fail to prevent an invalid URL from loading in a pop-up window in t... 2026-05-18
CVE-2026-4643 ℹ️ low 3.5 0.0 Mattermost Desktop App versions <=6.1 6.0.1 5.4.13.0 fail to prevent server-rendered content from closing an underlying ... 2026-05-18
CVE-2026-1628 🔶 medium 4.6 0.0 Mattermost Desktop App versions <=5.13.3 fail to attach listeners restricting navigation to external sites within the Ma... 2026-03-02
CVE-2026-1046 ⚠️ high 7.6 0.0 Mattermost Desktop App versions <=6.0 6.2.0 5.2.13.0 fail to validate help links which allows a malicious Mattermost ser... 2026-02-16
These CVEs affect the same products