CVE-2026-13426 | Mattermost Go Module up to 0.1.21 public path traversal (WID-SEC-2026-2107)
A vulnerability has been found in Mattermost Go Module up to 0.1.21 and classified as critical. Affected is an unknown function of the file /mattermost/mattermost/server/public. The manipulation leads to path traversal.
This vulnerability is listed as CVE-2026-13426. The attack may be initiated remotely. There is no available exploit.
The affected component should be upgraded.