CVE-2026-3109
Analyzed Analyzed - Analysis Complete
Timestamp Validation Bypass in Mattermost Plugins Enables Zoom State Corruption

Publication date: 2026-03-26

Last updated on: 2026-06-08

Assigner: Mattermost, Inc.

Description
Mattermost Plugins versions <=11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-26
Last Modified
2026-06-08
Generated
2026-06-16
AI Q&A
2026-03-26
EPSS Evaluated
2026-06-15
NVD
CVE-2026-3109
EUVD
EUVD-2026-16236
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
mattermost mattermost_server From 10.11.0 (inc) to 10.11.12 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-754 The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Mattermost Plugins versions up to 11.4 10.11.11.0, where the plugins fail to validate webhook request timestamps. This flaw allows an attacker to replay webhook requests, which can corrupt the Zoom meeting state within Mattermost.

Impact Analysis

The impact of this vulnerability is limited to the potential corruption of Zoom meeting state in Mattermost. Because the vulnerability allows replayed webhook requests, it could disrupt meeting information or cause inconsistencies in meeting management. The CVSS score indicates a low severity with no impact on confidentiality or integrity, but a low impact on availability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3109. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart