A vulnerability was found in Mattermost up to 10.11.17/11.5.5/11.6.2/11.7.0/11.7.x . It has been declared as problematic . The affected element is an unknown function of the component Slash Command Handler . Such manipulation leads to missing authorization. This vulnerability is documented as CVE-2026-5139 . The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.