CVE-2026-3108 | Mattermost up to 10.11.10/11.2.2/11.3.1/11.4.0 Messages control sequence

VDB-353680 · CVE-2026-3108 · GCVE-0-2026-3108 MATTERMOST UP TO 10.11.10/11.2.2/11.3.1/11.4.0 MESSAGES CONTROL SEQUENCE HISTORYDIFFRELATEJSONXMLCTI CVSS Meta Temp Score Current Exploit Price (≈) CTI Interest Score 6.4 $0-$5k 1.63+ Summaryinfo A vulnerability described as problematic has been identified in Mattermost up to 10.11.10/11.2.2/11.3.1/11.4.0. This affects an unknown function of the component Messages Handler. Executing a manipulation can lead to control sequence. This vulnerability is registered as CVE-2026-3108. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended. Detailsinfo A vulnerability was found in Mattermost up to 10.11.10/11.2.2/11.3.1/11.4.0. It has been declared as problematic. This vulnerability affects an unknown code block of the component Messages Handler. The manipulation with an unknown input leads to a control sequence vulnerability. The CWE definition for the vulnerability is CWE-150. The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as escape, meta, or control character sequences when they are sent to a downstream component. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes: Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences that enable screen manipulation, fake prompts, and clipboard hijacking.. Mattermost Advisory ID: MMSA-2026-00599 The weakness was published by winfunc. The advisory is shared for download at mattermost.com. This vulnerability was named CVE-2026-3108 since 02/24/2026. The exploitation appears to be difficult. The attack can be initiated remotely. There are neither technical details nor an exploit publicly available. Upgrading to version 10.11.11, 11.2.3, 11.3.2, 11.4.1 or 11.5.0 eliminates this vulnerability. Productinfo Type Groupware Software Name Mattermost Version 10.11.0 10.11.1 10.11.2 10.11.3 10.11.4 10.11.5 10.11.6 10.11.7 10.11.8 10.11.9 10.11.10 11.0 11.1 11.2 11.2.0 11.2.1 11.2.2 11.3 11.3.0 11.3.1 11.4.0 License open-source CPE 2.3info 🔒 🔒 🔒 CPE 2.2info 🔒 🔒 🔒 CVSSv4info VulDB Vector: 🔒 VulDB Reliability: 🔍 CVSSv3info VulDB Meta Base Score: 6.5 VulDB Meta Temp Score: 6.4 VulDB Base Score: 5.0 VulDB Temp Score: 4.8 VulDB Vector: 🔒 VulDB Reliability: 🔍 CNA Base Score: 8.0 CNA Vector (Mattermost): 🔒 CVSSv2info Vector Complexity Authentication Confidentiality Integrity Availability Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock VulDB Base Score: 🔒 VulDB Temp Score: 🔒 VulDB Reliability: 🔍 Exploitinginfo Class: Control sequence CWE: CWE-150 / CWE-20 CAPEC: 🔒 ATT&CK: 🔒 Physical: No Local: No Remote: Yes Availability: 🔒 Status: Not defined Price Prediction: 🔍 Current Price Estimation: 🔒 0-Day Unlock Unlock Unlock Unlock Today Unlock Unlock Unlock Unlock Threat Intelligenceinfo Interest: 🔍 Active Actors: 🔍 Active APT Groups: 🔍 Countermeasuresinfo Recommended: Upgrade Status: 🔍 0-Day Time: 🔒 Upgrade: Mattermost 10.11.11/11.2.3/11.3.2/11.4.1/11.5.0 Timelineinfo 02/24/2026 CVE reserved 03/26/2026 +30 days Advisory disclosed 03/26/2026 +0 days VulDB entry created 03/26/2026 +0 days VulDB entry last update Sourcesinfo Advisory: mattermost.com Researcher: winfunc Status: Confirmed CVE: CVE-2026-3108 (🔒) GCVE (CVE): GCVE-0-2026-3108 GCVE (VulDB): GCVE-100-353680 Entryinfo Created: 03/26/2026 19:01 Changes: 03/26/2026 19:01 (64) Complete: 🔍 Cache ID: 99:972:101 Discussion No comments yet. Languages: en. Please log in to comment. ◂ PreviousOverviewNext ▸