Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-1398

Mattermost Desktop App versions <=5.10.0 explicitly declared unnecessary macOS entitlements which allows an attacker with remote access to bypass Transparency, Consent, and Control (TCC) via code injection.

Published

2025-03-17T15:15:43.243

Last Modified

2025-09-25T19:14:25.120

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 3.3 (LOW)

Weaknesses

Type: Secondary
CWE-426

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mattermost	mattermost_desktop	< 5.11.0	Yes
Operating System	apple	macos	-	No

References

https://mattermost.com/security-updates Vendor Advisory ([email protected])