CVE-2026-5163
Mattermost AI Message Rewrite Channel Access Bypass
Publication date: 2026-05-18
Last updated on: 2026-05-18
Assigner: Mattermost, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mattermost | mattermost_server | From 11.5.0 (inc) to 11.5.2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Mattermost versions 11.5.x up to and including 11.5.1. It occurs because the software fails to verify whether a user is a member of a channel when processing AI-assisted message rewrites. This flaw allows an authenticated attacker to read the content of threads in private channels and direct messages that they should not have access to by sending a specially crafted request to the post rewrite endpoint.
How can this vulnerability impact me? :
The impact of this vulnerability is that an authenticated attacker can gain unauthorized access to sensitive information contained in private channels and direct messages. This means confidential conversations and data could be exposed to unauthorized parties, potentially leading to information leakage and privacy breaches.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should upgrade Mattermost to a version later than 11.5.1 where the issue has been fixed.
Since the vulnerability allows an authenticated attacker to read private channel and direct message content via a crafted request, restricting access to the post rewrite endpoint and monitoring for unusual requests may help reduce risk until an upgrade is applied.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows an authenticated attacker to read the content of threads in private channels and direct messages they do not have access to. Such unauthorized access to private communications can lead to violations of data privacy and confidentiality requirements mandated by standards like GDPR and HIPAA.
Specifically, the failure to verify channel membership when processing AI-assisted message rewrites means sensitive personal or health information could be exposed, potentially resulting in non-compliance with regulations that require strict access controls and protection of personal data.