A vulnerability was found in Mattermost up to 10.11.10/11.2.2/11.3.0 and classified as problematic . Impacted is an unknown function of the component Websocket Message Handler . Executing a manipulation can lead to improper validation of specified type of input. The identification of this vulnerability is CVE-2026-2454 . The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.