CVE-2026-4339
Analyzed Analyzed - Analysis Complete

Server-Side Request Forgery in Mattermost MCP Server

Vulnerability report for CVE-2026-4339, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-26

Last updated on: 2026-06-29

Assigner: Mattermost, Inc.

Description

Mattermost versions 10.11.x <= 10.11.18, 11.6.x <= 11.6.3, 11.5.x <= 11.5.6 fail to validate attachment URLs against internal or private IP ranges in the Mattermost Agents plugin MCP server which allows an attacker with access to the MCP server in stdio mode to perform server-side request forgery (SSRF) and exfiltrate data from internal network services via supplying internal URLs as file attachments in post creation requests.. Mattermost Advisory ID: MMSA-2026-00635

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-26
Last Modified
2026-06-29
Generated
2026-07-16
AI Q&A
2026-06-26
EPSS Evaluated
2026-07-15
NVD
EUVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
mattermost mattermost_server From 10.11.0 (inc) to 10.11.19 (exc)
mattermost mattermost_server From 11.5.0 (inc) to 11.5.7 (exc)
mattermost mattermost_server From 11.6.0 (inc) to 11.6.4 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in certain versions of Mattermost where the Agents plugin MCP server does not properly validate attachment URLs against internal or private IP ranges.

An attacker with access to the MCP server in stdio mode can exploit this by supplying internal URLs as file attachments in post creation requests.

This allows the attacker to perform server-side request forgery (SSRF), potentially exfiltrating data from internal network services.

Detection Guidance

This vulnerability involves the Mattermost Agents plugin MCP server failing to validate attachment URLs against internal or private IP ranges, allowing SSRF attacks via file attachments in post creation requests.

To detect exploitation attempts on your network or system, monitor for unusual outbound requests originating from the MCP server to internal IP addresses or private network ranges.

Specific commands or detection tools are not provided in the available resources.

Impact Analysis

The vulnerability can allow an attacker with limited access to the MCP server to perform SSRF attacks.

This can lead to unauthorized access to internal network services and exfiltration of sensitive data.

The CVSS score of 6.5 indicates a medium severity impact, with high confidentiality impact but no impact on integrity or availability.

Compliance Impact

The vulnerability in Mattermost allows an attacker with access to the MCP server in stdio mode to perform server-side request forgery (SSRF) and exfiltrate data from internal network services. This could potentially lead to unauthorized access to sensitive or personal data.

Such unauthorized data exfiltration risks violating data protection regulations like GDPR and HIPAA, which require strict controls to prevent unauthorized access and disclosure of personal and health information.

Therefore, organizations using affected Mattermost versions may face compliance challenges if this vulnerability is exploited, as it undermines the confidentiality and security requirements mandated by these standards.

Mitigation Strategies

Immediate mitigation steps include updating Mattermost to a version later than 10.11.18, 11.6.3, or 11.5.6, where this vulnerability has been addressed.

Additionally, restrict access to the MCP server in stdio mode to trusted users only, and monitor or block outgoing requests to internal IP ranges from the MCP server.

For official updates and patches, refer to Mattermost's security updates page.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-4339. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart