CVE-2026-7387 - Mattermost group syncable endpoints allow privilege escalation via scheme_admin
CVE ID :CVE-2026-7387 Published : June 12, 2026, 5:16 p.m. | 1 hour, 51 minutes ago Description :Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 Mattermost fails to require role-management authorization when setting the scheme_admin flag on...