Mattermost Desktop App versions <=6.0 6.2.0 5.2.13.0 fail to validate help links which allows a malicious Mattermost server to execute arbitrary executables on a user’s system via the user clicking on certain items in the Help menu Mattermost Advisory ID: MMSA-2026-00577
Exploitability
AV:NAC:LPR:LUI:RScope
S:CImpact
C:HI:NA:L7.6/CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:LOther