GO-2026-4306 — Vulnetix

Try Vulnetix Request Demo

GO-2026-4306 PUBLISHED

Mattermost Server has Insufficient Session Expiration when used as an OAuth 2.0 service provider in github.com/mattermost/mattermost-server

Affected Products

Vendor	Product	Versions
github.com	mattermost/mattermost-server	3.10.0+incompatible, 0, 0

Timeline

Jan 13, 2026 CVE Published
Mar 3, 2026 CVE Updated
May 1, 2026 Security Advisory

References

Open in Interactive Console →