{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-20T15:32:42.805","vulnerabilities":[{"cve":{"id":"CVE-2026-1628","sourceIdentifier":"responsibledisclosure@mattermost.com","published":"2026-03-02T14:16:23.223","lastModified":"2026-03-05T16:07:40.963","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mattermost Desktop App versions <=5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functionality to untrusted servers via having a user open an external link in their Mattermost server. Mattermost Advisory ID: MMSA-2026-00596"},{"lang":"es","value":"Las versiones &lt;=5.13.3 de la aplicación de escritorio de Mattermost no adjuntan oyentes que restringen la navegación a sitios externos dentro de la aplicación Mattermost, lo que permite a un servidor malicioso exponer la funcionalidad de script de precarga a servidores no confiables al hacer que un usuario abra un enlace externo en su servidor Mattermost. ID de Aviso de Mattermost: MMSA-2026-00596"}],"metrics":{"cvssMetricV31":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":2.5}]},"weaknesses":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","description":[{"lang":"en","value":"CWE-829"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_desktop:*:*:*:*:*:*:*:*","versionEndExcluding":"5.13.4","matchCriteriaId":"17854B0E-22CE-4E16-A346-75A6E24BD9E3"}]}]}],"references":[{"url":"https://mattermost.com/security-updates","source":"responsibledisclosure@mattermost.com","tags":["Vendor Advisory"]}]}}]}