Mattermost Slash Command Hijacking Vulnerability

Vulnerability

A vulnerability exists in Mattermost versions 11.5.x through 11.5.1, 10.11.x through 10.11.13, and 11.4.x through 11.4.3. These versions fail to enforce uniqueness of trigger words for slash commands during updates. This flaw allows an authenticated team member with the 'Manage Own Slash Commands' permission to hijack and impersonate existing system or custom slash commands. The vulnerability can be exploited by editing the trigger word of a user's own slash command to match that of an already registered command, using the command update API.
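To make the missing check concrete, here is an added example written in Go (the language Mattermost is implemented in). It is not Mattermost's own code: the `Command` and `CommandStore` types, the `Add`, `UpdateTrigger` and `Get` names, the per-team uniqueness scope and the sample triggers are all assumptions made for this example. It shows the create path and the update path sharing a single trigger-uniqueness check, which is the property the affected versions lacked on update: without it, a user who may only edit their own command could still rename it onto a trigger owned by a built-in command or by another user's command.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Command is a minimal model of a custom slash command. Field names are
// assumptions for this example, not Mattermost's own types.
type Command struct {
	ID        string
	TeamID    string
	CreatorID string
	Trigger   string
}

// ErrTriggerTaken is returned when a trigger word is already registered.
var ErrTriggerTaken = errors.New("trigger word already registered")

// CommandStore holds the built-in (system) trigger words and the custom
// commands of one deployment, keyed by command ID.
type CommandStore struct {
	systemTriggers map[string]bool
	custom         map[string]*Command
}

// NewCommandStore builds a store seeded with the given built-in triggers.
func NewCommandStore(systemTriggers []string) *CommandStore {
	s := &CommandStore{systemTriggers: map[string]bool{}, custom: map[string]*Command{}}
	for _, t := range systemTriggers {
		s.systemTriggers[normalize(t)] = true
	}
	return s
}

// normalize strips a leading slash and whitespace and lower-cases the word so
// that "/Deploy " and "deploy" are treated as the same trigger.
func normalize(trigger string) string {
	return strings.ToLower(strings.TrimPrefix(strings.TrimSpace(trigger), "/"))
}

// validateTrigger rejects a trigger that is empty, matches a built-in command,
// or is used by a different custom command in the same team (uniqueness per
// team is an assumption of this example). selfID is excluded so a command may
// keep or re-case its own trigger on update.
func (s *CommandStore) validateTrigger(teamID, selfID, trigger string) error {
	t := normalize(trigger)
	if t == "" {
		return errors.New("trigger word must not be empty")
	}
	if s.systemTriggers[t] {
		return fmt.Errorf("%w: %q is a built-in command", ErrTriggerTaken, t)
	}
	for _, c := range s.custom {
		if c.ID != selfID && c.TeamID == teamID && c.Trigger == t {
			return fmt.Errorf("%w: %q belongs to command %s", ErrTriggerTaken, t, c.ID)
		}
	}
	return nil
}

// Add is the create path; it runs the uniqueness check before storing.
func (s *CommandStore) Add(c *Command) error {
	if _, exists := s.custom[c.ID]; exists {
		return fmt.Errorf("command %s already exists", c.ID)
	}
	if err := s.validateTrigger(c.TeamID, c.ID, c.Trigger); err != nil {
		return err
	}
	c.Trigger = normalize(c.Trigger)
	s.custom[c.ID] = c
	return nil
}

// UpdateTrigger is the update path. Running the same check here is what stops
// a user from moving their own command onto a trigger someone else already owns.
func (s *CommandStore) UpdateTrigger(commandID, newTrigger string) error {
	existing, ok := s.custom[commandID]
	if !ok {
		return fmt.Errorf("command %s not found", commandID)
	}
	if err := s.validateTrigger(existing.TeamID, existing.ID, newTrigger); err != nil {
		return err
	}
	existing.Trigger = normalize(newTrigger)
	return nil
}

// Get returns the stored command with the given ID.
func (s *CommandStore) Get(commandID string) (*Command, bool) {
	c, ok := s.custom[commandID]
	return c, ok
}

func main() {
	// Constructed sample data: two built-in triggers and two commands in one team.
	s := NewCommandStore([]string{"away", "invite"})
	_ = s.Add(&Command{ID: "c1", TeamID: "team1", CreatorID: "alice", Trigger: "deploy"})
	_ = s.Add(&Command{ID: "c2", TeamID: "team1", CreatorID: "bob", Trigger: "notes"})

	fmt.Println(s.UpdateTrigger("c2", "deploy"))  // refused: alice's command owns it
	fmt.Println(s.UpdateTrigger("c2", "/Away"))   // refused: built-in command
	fmt.Println(s.UpdateTrigger("c2", "standup")) // <nil>: a free trigger is accepted
}
```

The point of the structure is that `validateTrigger` is the only place uniqueness is decided, so the create and update endpoints cannot drift apart; a fix that adds the check to one handler but not the other reintroduces exactly this class of bug.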

Impact

Exploitation of this vulnerability allows unauthorized hijacking and impersonation of existing slash commands, which can lead to misuse of command functionality within Mattermost.

Remediation

Users can upgrade to Mattermost versions 11.7.0, 11.6.1, or 10.11.16 to address this vulnerability.

Added: May 18, 2026, 9:26 AM
Updated: May 18, 2026, 9:26 AM

Vulnerability Rating

Custom Algorithm

spread: 3.1
impact: 0.6
exploitability: 5.2
remediation: 7.7
relevance: 8.7
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.