Mattermost Focalboard
2 CVEs affecting Mattermost Focalboard. Latest disclosed: 2026-04-03. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-25773 | High | 8.1 | 2026-04-03 | ** UNSUPPORTED WHEN ASSIGNED ** Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering cat… |
CVE-2026-28736 | Medium | 4.3 | 2026-04-03 | ** UNSUPPORTED WHEN ASSIGNED ** Focalboard version 8.0 fails to validate file ownership when serving uploaded files. This allows an authenticated attacker who… |