CVE-2026-3109
LOW
NVD
CVSS Score
2.2
Severity
LOW
Published
Mar 26, 2026
Vendor
unknown
Description
Mattermost Plugins versions <=11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584