CVE-2025-11776
14.11.2025, 08:15
Mattermost versions <11 fail to properly restrict access to archived channel search API which allows guest users to discover archived public channels via the `/api/v4/teams/{team_id}/channels/search_archived` endpointEnginsightAwaiting analysis
This vulnerability is currently awaiting analysis.
References