Mattermost Desktop App versions <=6.2 5.5.13 6.0.2.0 fail to properly null check when checking for headers in the Mattermost Desktop App which allows any user to crash another channel members Desktop App via posting a malicious link with an embedded image that misses one of those headers. Mattermost Advisory ID: MMSA-2026-00668
Advisories
No advisories yet.
Fixes
Solution
Update Mattermost Desktop App to versions 6.3.0, 5.13.6.0, 6.2.1.0 or higher.
Workaround
No workaround given by the vendor.
References
| Link | Providers |
|---|---|
| https://mattermost.com/security-updates |
|
History
Fri, 17 Jul 2026 11:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Mattermost
Mattermost mattermost |
|
| Vendors & Products |
Mattermost
Mattermost mattermost |
Fri, 17 Jul 2026 10:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Mattermost Desktop App versions <=6.2 5.5.13 6.0.2.0 fail to properly null check when checking for headers in the Mattermost Desktop App which allows any user to crash another channel members Desktop App via posting a malicious link with an embedded image that misses one of those headers. Mattermost Advisory ID: MMSA-2026-00668 | |
| Title | Posting a malicious markdown image crashes the Mattermost Desktop App | |
| Weaknesses | CWE-754 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: Mattermost
Published:
Updated: 2026-07-17T12:53:59.567Z
Reserved: 2026-05-07T10:57:31.807Z
Link: CVE-2026-8075
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-17T11:30:05Z
Weaknesses