VDB
CVE-2025-14273
CVE-2025-14273
PUBLISHED
CVSS 6.800000190734863 MEDIUM
Mattermost versions 10.11.x <= 10.11.8, 11.1.x <= 11.1.1, 11.0.x <= 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops.
EPSS 0.12% · 31.3th percentile
Risk Scores
CVSS v3.1
6.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
EPSS Score
0.12%
31.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mattermost | Mattermost | 11.0.7, 10.11.0, 11.1.0 |
Timeline
- Dec 18, 2025 CVE Published
- Dec 22, 2025 EPSS Score
- Dec 26, 2025 EPSS Score
- Dec 29, 2025 EPSS Score
- Jan 2, 2026 EPSS Score
- Jan 6, 2026 EPSS Score
- Jan 10, 2026 EPSS Score
- Jan 13, 2026 EPSS Score
- Jan 16, 2026 CVE Updated
- Jan 16, 2026 PoC Published
- Jan 17, 2026 EPSS Score
- Jan 21, 2026 EPSS Score