TNCVE-2026-3109 — Vulnetix

TNCVE-2026-3109 PUBLISHED

Mattermost Plugins versions <=11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584

Timeline

Mar 26, 2026 CVE Published

References

Tenable: CVE-2026-3109 advisory

Open in Interactive Console →