Description
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to bound memory allocation when processing DOC files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted DOC file.. Mattermost Advisory ID: MMSA-2026-00581
Published: 2026-03-16
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service (memory exhaustion)
Action: Patch
AI Analysis

Impact

The vulnerability involves improper bounds checking during memory allocation when processing DOC files in Mattermost server. An authenticated attacker can craft a malicious DOC file that triggers excessive memory consumption, leading to server memory exhaustion and a denial‑of‑service condition. The weakness is identified by CWE-789, "Uncontrolled Memory Allocation."

Affected Systems

Affected products are Mattermost Server versions 11.3.x (<= 11.3.0), 11.2.x (<= 11.2.2), and 10.11.x (<= 10.11.10) as listed by the CNA. The associated CPE is cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*.

Risk and Exploitability

The CVSS score of 4.3 indicates a medium severity but the EPSS score of less than 1% signals a very low probability of exploitation. The vulnerability is not present in the CISA KEV catalog. Exploitation requires a valid authenticated session and the upload of a crafted DOC file, which can be performed through the standard file‑upload interface of the Mattermost web or APIs.

Generated by OpenCVE AI on March 18, 2026 at 19:38 UTC.

Remediation

Vendor Solution

Update Mattermost to versions 11.4.0, 11.3.1, 11.2.3, 10.11.11 or higher.

OpenCVE Recommended Actions

  • Update Mattermost to version 11.4.0, 11.3.1, 11.2.3, 10.11.11 or higher.

Generated by OpenCVE AI on March 18, 2026 at 19:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-xv2p-wchj-qjhp Mattermost fails to bound memory allocation when processing DOC files
References
Link Providers
https://mattermost.com/security-updates cve-icon cve-icon
History

Wed, 18 Mar 2026 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Mattermost mattermost Server
CPEs cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
Vendors & Products Mattermost mattermost Server

Tue, 17 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared Mattermost
Mattermost mattermost
Vendors & Products Mattermost
Mattermost mattermost

Mon, 16 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 16 Mar 2026 13:45:00 +0000

Type Values Removed Values Added
Description Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to bound memory allocation when processing DOC files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted DOC file.. Mattermost Advisory ID: MMSA-2026-00581
Title Memory Exhaustion via Malformed DOC File Upload
Weaknesses CWE-789
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L'}

Subscriptions

Mattermost Mattermost Mattermost Server
cve-icon MITRE

Status: PUBLISHED

Assigner: Mattermost

Published:

Updated: 2026-03-16T13:49:54.865Z

Reserved: 2026-02-13T10:43:14.463Z

Link: CVE-2026-25780

cve-icon Vulnrichment

Updated: 2026-03-16T13:43:35.313Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-16T14:18:23.400

Modified: 2026-03-18T18:13:33.340

Link: CVE-2026-25780

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-24T10:44:33Z

Weaknesses