[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2017-18908":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":660,"aliases":661,"duplicate_of":9,"upstream":664,"downstream":665,"duplicates":668,"related":669,"reserved_at":9,"published_at":671,"modified_at":672,"state":673,"summary":674,"references_raw":683,"kevs":723,"epss":724,"epss_history":727,"metrics":985,"affected":996},"CVE-2017-18908","An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. A password-reset request was sometime sent to an attacker-provided e-mail address.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-287","Improper Authentication","When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.","weakness","Draft","Class","High",[20,182,261,265,269,273,292,481,543,627],{"id":21,"name":22,"techniques":23},"CAPEC-114","Authentication Abuse",[24],{"id":25,"name":26,"tactics":27,"countermeasures":34},"T1548","Abuse Elevation Control Mechanism",[28,31],{"id":29,"name":30},"TA0030","Defense Evasion",{"id":32,"name":33},"TA0111","Privilege Escalation",[35,40,44,48,52,57,61,65,69,73,77,81,85,89,94,98,103,108,112,116,120,125,129,133,137,141,146,150,154,158,162,166,170,174,178],{"id":36,"name":37,"tactic":38},"D3-CI","Configuration Inventory",{"name":39},"Model",{"id":41,"name":42,"tactic":43},"D3-AM","Access Modeling",{"name":39},{"id":45,"name":46,"tactic":47},"D3-DI","Data Inventory",{"name":39},{"id":49,"name":50,"tactic":51},"D3-NTPM","Network Traffic Policy Mapping",{"name":39},{"id":53,"name":54,"tactic":55},"D3-AEM","Application Exception Monitoring",{"name":56},"Detect",{"id":58,"name":59,"tactic":60},"D3-SCA","System Call Analysis",{"name":56},{"id":62,"name":63,"tactic":64},"D3-SFA","System File Analysis",{"name":56},{"id":66,"name":67,"tactic":68},"D3-FA","File Analysis",{"name":56},{"id":70,"name":71,"tactic":72},"D3-FIM","File Integrity Monitoring",{"name":56},{"id":74,"name":75,"tactic":76},"D3-OPM","Operational Process Monitoring",{"name":56},{"id":78,"name":79,"tactic":80},"D3-DA","Dynamic Analysis",{"name":56},{"id":82,"name":83,"tactic":84},"D3-EFA","Emulated File Analysis",{"name":56},{"id":86,"name":87,"tactic":88},"D3-PSA","Process Spawn Analysis",{"name":56},{"id":90,"name":91,"tactic":92},"D3-FEV","File Eviction",{"name":93},"Evict",{"id":95,"name":96,"tactic":97},"D3-AL","Account Locking",{"name":93},{"id":99,"name":100,"tactic":101},"D3-DF","Decoy File",{"name":102},"Deceive",{"id":104,"name":105,"tactic":106},"D3-FE","File Encryption",{"name":107},"Harden",{"id":109,"name":110,"tactic":111},"D3-AA","Agent Authentication",{"name":107},{"id":113,"name":114,"tactic":115},"D3-CDP","Change Default Password",{"name":107},{"id":117,"name":118,"tactic":119},"D3-SCP","System Configuration Permissions",{"name":107},{"id":121,"name":122,"tactic":123},"D3-RC","Restore Configuration",{"name":124},"Restore",{"id":126,"name":127,"tactic":128},"D3-RF","Restore File",{"name":124},{"id":130,"name":131,"tactic":132},"D3-ULA","Unlock Account",{"name":124},{"id":134,"name":135,"tactic":136},"D3-RUAA","Restore User Account Access",{"name":124},{"id":138,"name":139,"tactic":140},"D3-RD","Restore Database",{"name":124},{"id":142,"name":143,"tactic":144},"D3-SCF","System Call Filtering",{"name":145},"Isolate",{"id":147,"name":148,"tactic":149},"D3-CF","Content Filtering",{"name":145},{"id":151,"name":152,"tactic":153},"D3-LFP","Local File Permissions",{"name":145},{"id":155,"name":156,"tactic":157},"D3-RFAM","Remote File Access Mediation",{"name":145},{"id":159,"name":160,"tactic":161},"D3-CQ","Content Quarantine",{"name":145},{"id":163,"name":164,"tactic":165},"D3-CM","Content Modification",{"name":145},{"id":167,"name":168,"tactic":169},"D3-UAP","User Account Permissions",{"name":145},{"id":171,"name":172,"tactic":173},"D3-EAL","Executable Allowlisting",{"name":145},{"id":175,"name":176,"tactic":177},"D3-EDL","Executable Denylisting",{"name":145},{"id":179,"name":180,"tactic":181},"D3-HBPI","Hardware-based Process Isolation",{"name":145},{"id":183,"name":184,"techniques":185},"CAPEC-115","Authentication Bypass",[186],{"id":25,"name":26,"tactics":187,"countermeasures":190},[188,189],{"id":29,"name":30},{"id":32,"name":33},[191,193,195,197,199,201,203,205,207,209,211,213,215,217,219,221,223,225,227,229,231,233,235,237,239,241,243,245,247,249,251,253,255,257,259],{"id":36,"name":37,"tactic":192},{"name":39},{"id":41,"name":42,"tactic":194},{"name":39},{"id":45,"name":46,"tactic":196},{"name":39},{"id":49,"name":50,"tactic":198},{"name":39},{"id":53,"name":54,"tactic":200},{"name":56},{"id":58,"name":59,"tactic":202},{"name":56},{"id":62,"name":63,"tactic":204},{"name":56},{"id":66,"name":67,"tactic":206},{"name":56},{"id":70,"name":71,"tactic":208},{"name":56},{"id":74,"name":75,"tactic":210},{"name":56},{"id":78,"name":79,"tactic":212},{"name":56},{"id":82,"name":83,"tactic":214},{"name":56},{"id":86,"name":87,"tactic":216},{"name":56},{"id":90,"name":91,"tactic":218},{"name":93},{"id":95,"name":96,"tactic":220},{"name":93},{"id":99,"name":100,"tactic":222},{"name":102},{"id":104,"name":105,"tactic":224},{"name":107},{"id":109,"name":110,"tactic":226},{"name":107},{"id":113,"name":114,"tactic":228},{"name":107},{"id":117,"name":118,"tactic":230},{"name":107},{"id":121,"name":122,"tactic":232},{"name":124},{"id":126,"name":127,"tactic":234},{"name":124},{"id":130,"name":131,"tactic":236},{"name":124},{"id":134,"name":135,"tactic":238},{"name":124},{"id":138,"name":139,"tactic":240},{"name":124},{"id":142,"name":143,"tactic":242},{"name":145},{"id":147,"name":148,"tactic":244},{"name":145},{"id":151,"name":152,"tactic":246},{"name":145},{"id":155,"name":156,"tactic":248},{"name":145},{"id":159,"name":160,"tactic":250},{"name":145},{"id":163,"name":164,"tactic":252},{"name":145},{"id":167,"name":168,"tactic":254},{"name":145},{"id":171,"name":172,"tactic":256},{"name":145},{"id":175,"name":176,"tactic":258},{"name":145},{"id":179,"name":180,"tactic":260},{"name":145},{"id":262,"name":263,"techniques":264},"CAPEC-151","Identity Spoofing",[],{"id":266,"name":267,"techniques":268},"CAPEC-194","Fake the Source of Data",[],{"id":270,"name":271,"techniques":272},"CAPEC-22","Exploiting Trust in Client",[],{"id":274,"name":275,"techniques":276},"CAPEC-57","Utilizing REST's Trust in the System Resource to Obtain Sensitive Data",[277],{"id":278,"name":279,"tactics":280,"countermeasures":287},"T1040","Network Sniffing",[281,284],{"id":282,"name":283},"TA0031","Credential Access",{"id":285,"name":286},"TA0102","Discovery",[288],{"id":289,"name":290,"tactic":291},"D3-DNSTA","DNS Traffic Analysis",{"name":56},{"id":293,"name":294,"techniques":295},"CAPEC-593","Session Hijacking",[296,340,453],{"id":297,"name":298,"tactics":299,"countermeasures":303},"T1185","Browser Session Hijacking",[300],{"id":301,"name":302},"TA0100","Collection",[304,308,312,316,320,324,328,332,336],{"id":305,"name":306,"tactic":307},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":56},{"id":309,"name":310,"tactic":311},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":56},{"id":313,"name":314,"tactic":315},"D3-CSPP","Client-server Payload Profiling",{"name":56},{"id":317,"name":318,"tactic":319},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":56},{"id":321,"name":322,"tactic":323},"D3-NTSA","Network Traffic Signature Analysis",{"name":56},{"id":325,"name":326,"tactic":327},"D3-APCA","Application Protocol Command Analysis",{"name":56},{"id":329,"name":330,"tactic":331},"D3-NTCD","Network Traffic Community Deviation",{"name":56},{"id":333,"name":334,"tactic":335},"D3-RTSD","Remote Terminal Session Detection",{"name":56},{"id":337,"name":338,"tactic":339},"D3-NTF","Network Traffic Filtering",{"name":145},{"id":341,"name":342,"tactics":343,"countermeasures":348},"T1550.001","Application Access Token",[344,345],{"id":29,"name":30},{"id":346,"name":347},"TA0109","Lateral Movement",[349,353,357,359,363,365,367,369,371,373,375,377,379,383,387,391,395,399,403,407,411,415,419,423,427,431,435,437,439,443,447,451],{"id":350,"name":351,"tactic":352},"D3-PLA","Process Lineage Analysis",{"name":56},{"id":354,"name":355,"tactic":356},"D3-PSMD","Process Self-Modification Detection",{"name":56},{"id":86,"name":87,"tactic":358},{"name":56},{"id":360,"name":361,"tactic":362},"D3-CCSA","Credential Compromise Scope Analysis",{"name":56},{"id":305,"name":306,"tactic":364},{"name":56},{"id":309,"name":310,"tactic":366},{"name":56},{"id":313,"name":314,"tactic":368},{"name":56},{"id":317,"name":318,"tactic":370},{"name":56},{"id":321,"name":322,"tactic":372},{"name":56},{"id":325,"name":326,"tactic":374},{"name":56},{"id":329,"name":330,"tactic":376},{"name":56},{"id":333,"name":334,"tactic":378},{"name":56},{"id":380,"name":381,"tactic":382},"D3-PT","Process Termination",{"name":93},{"id":384,"name":385,"tactic":386},"D3-PS","Process Suspension",{"name":93},{"id":388,"name":389,"tactic":390},"D3-HR","Host Reboot",{"name":93},{"id":392,"name":393,"tactic":394},"D3-HS","Host Shutdown",{"name":93},{"id":396,"name":397,"tactic":398},"D3-CR","Credential Revocation",{"name":93},{"id":400,"name":401,"tactic":402},"D3-ANCI","Authentication Cache Invalidation",{"name":93},{"id":404,"name":405,"tactic":406},"D3-DUC","Decoy User Credential",{"name":102},{"id":408,"name":409,"tactic":410},"D3-CH","Credential Hardening",{"name":107},{"id":412,"name":413,"tactic":414},"D3-MFA","Multi-factor Authentication",{"name":107},{"id":416,"name":417,"tactic":418},"D3-CRO","Credential Rotation",{"name":107},{"id":420,"name":421,"tactic":422},"D3-TB","Token Binding",{"name":107},{"id":424,"name":425,"tactic":426},"D3-TBA","Token-based Authentication",{"name":107},{"id":428,"name":429,"tactic":430},"D3-RIC","Reissue Credential",{"name":124},{"id":432,"name":433,"tactic":434},"D3-KBPI","Kernel-based Process Isolation",{"name":145},{"id":142,"name":143,"tactic":436},{"name":145},{"id":179,"name":180,"tactic":438},{"name":145},{"id":440,"name":441,"tactic":442},"D3-ABPI","Application-based Process Isolation",{"name":145},{"id":444,"name":445,"tactic":446},"D3-WSAM","Web Session Access Mediation",{"name":145},{"id":448,"name":449,"tactic":450},"D3-CTS","Credential Transmission Scoping",{"name":145},{"id":337,"name":338,"tactic":452},{"name":145},{"id":454,"name":455,"tactics":456,"countermeasures":458},"T1563","Remote Service Session Hijacking",[457],{"id":346,"name":347},[459,461,463,465,467,469,471,473,475,479],{"id":305,"name":306,"tactic":460},{"name":56},{"id":309,"name":310,"tactic":462},{"name":56},{"id":313,"name":314,"tactic":464},{"name":56},{"id":317,"name":318,"tactic":466},{"name":56},{"id":321,"name":322,"tactic":468},{"name":56},{"id":325,"name":326,"tactic":470},{"name":56},{"id":329,"name":330,"tactic":472},{"name":56},{"id":333,"name":334,"tactic":474},{"name":56},{"id":476,"name":477,"tactic":478},"D3-ST","Session Termination",{"name":93},{"id":337,"name":338,"tactic":480},{"name":145},{"id":482,"name":483,"techniques":484},"CAPEC-633","Token Impersonation",[485],{"id":486,"name":487,"tactics":488,"countermeasures":494},"T1134","Access Token Manipulation",[489,490,493],{"id":29,"name":30},{"id":491,"name":492},"TA0005","Stealth",{"id":32,"name":33},[495,497,499,501,503,505,507,509,511,513,515,517,519,521,523,525,527,529,531,533,535,537,539,541],{"id":36,"name":37,"tactic":496},{"name":39},{"id":49,"name":50,"tactic":498},{"name":39},{"id":41,"name":42,"tactic":500},{"name":39},{"id":53,"name":54,"tactic":502},{"name":56},{"id":58,"name":59,"tactic":504},{"name":56},{"id":360,"name":361,"tactic":506},{"name":56},{"id":74,"name":75,"tactic":508},{"name":56},{"id":86,"name":87,"tactic":510},{"name":56},{"id":476,"name":477,"tactic":512},{"name":93},{"id":396,"name":397,"tactic":514},{"name":93},{"id":400,"name":401,"tactic":516},{"name":93},{"id":404,"name":405,"tactic":518},{"name":102},{"id":408,"name":409,"tactic":520},{"name":107},{"id":412,"name":413,"tactic":522},{"name":107},{"id":416,"name":417,"tactic":524},{"name":107},{"id":420,"name":421,"tactic":526},{"name":107},{"id":424,"name":425,"tactic":528},{"name":107},{"id":121,"name":122,"tactic":530},{"name":124},{"id":428,"name":429,"tactic":532},{"name":124},{"id":142,"name":143,"tactic":534},{"name":145},{"id":448,"name":449,"tactic":536},{"name":145},{"id":171,"name":172,"tactic":538},{"name":145},{"id":175,"name":176,"tactic":540},{"name":145},{"id":179,"name":180,"tactic":542},{"name":145},{"id":544,"name":545,"techniques":546},"CAPEC-650","Upload a Web Shell to a Web Server",[547],{"id":548,"name":549,"tactics":550,"countermeasures":554},"T1505.003","Web Shell",[551],{"id":552,"name":553},"TA0110","Persistence",[555,559,563,567,571,573,575,577,579,581,583,585,587,589,591,593,595,597,599,603,605,607,609,611,613,615,617,619,621,623,625],{"id":556,"name":557,"tactic":558},"D3-NNI","Network Node Inventory",{"name":39},{"id":560,"name":561,"tactic":562},"D3-PLM","Physical Link Mapping",{"name":39},{"id":564,"name":565,"tactic":566},"D3-LLM","Logical Link Mapping",{"name":39},{"id":568,"name":569,"tactic":570},"D3-EHB","Endpoint Health Beacon",{"name":56},{"id":66,"name":67,"tactic":572},{"name":56},{"id":70,"name":71,"tactic":574},{"name":56},{"id":78,"name":79,"tactic":576},{"name":56},{"id":82,"name":83,"tactic":578},{"name":56},{"id":350,"name":351,"tactic":580},{"name":56},{"id":354,"name":355,"tactic":582},{"name":56},{"id":86,"name":87,"tactic":584},{"name":56},{"id":90,"name":91,"tactic":586},{"name":93},{"id":380,"name":381,"tactic":588},{"name":93},{"id":384,"name":385,"tactic":590},{"name":93},{"id":388,"name":389,"tactic":592},{"name":93},{"id":392,"name":393,"tactic":594},{"name":93},{"id":99,"name":100,"tactic":596},{"name":102},{"id":104,"name":105,"tactic":598},{"name":107},{"id":600,"name":601,"tactic":602},"D3-RNA","Restore Network Access",{"name":124},{"id":126,"name":127,"tactic":604},{"name":124},{"id":147,"name":148,"tactic":606},{"name":145},{"id":151,"name":152,"tactic":608},{"name":145},{"id":155,"name":156,"tactic":610},{"name":145},{"id":159,"name":160,"tactic":612},{"name":145},{"id":163,"name":164,"tactic":614},{"name":145},{"id":171,"name":172,"tactic":616},{"name":145},{"id":175,"name":176,"tactic":618},{"name":145},{"id":432,"name":433,"tactic":620},{"name":145},{"id":142,"name":143,"tactic":622},{"name":145},{"id":179,"name":180,"tactic":624},{"name":145},{"id":440,"name":441,"tactic":626},{"name":145},{"id":628,"name":629,"techniques":630},"CAPEC-94","Adversary in the Middle (AiTM)",[631],{"id":632,"name":633,"tactics":634,"countermeasures":637},"T1557","Adversary-in-the-Middle",[635,636],{"id":282,"name":283},{"id":301,"name":302},[638,640,642,644,646,648,650,652,654,658],{"id":305,"name":306,"tactic":639},{"name":56},{"id":309,"name":310,"tactic":641},{"name":56},{"id":313,"name":314,"tactic":643},{"name":56},{"id":317,"name":318,"tactic":645},{"name":56},{"id":321,"name":322,"tactic":647},{"name":56},{"id":325,"name":326,"tactic":649},{"name":56},{"id":329,"name":330,"tactic":651},{"name":56},{"id":333,"name":334,"tactic":653},{"name":56},{"id":655,"name":656,"tactic":657},"D3-CAA","Connection Attempt Analysis",{"name":56},{"id":337,"name":338,"tactic":659},{"name":145},[],[662,663],"GHSA-34cx-hvm4-vx7j","GO-2026-4476",[],[666],{"_key":667},"SUSE-SU-2026:0757-1",[],[670],{"_key":667},"2020-06-19T19:16:08.000Z","2024-08-05T21:37:44.432Z","Modified",{"cisa_kev":675,"cisa_ransomware":675,"cisa_vendor":9,"epss_severity":676,"epss_score":677,"severity":678,"severity_score":679,"severity_version":680,"severity_source":681,"severity_vector":682,"severity_status":673},false,"low",0.00408,"critical",9.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[684,691,697,702,706,710,715,719],{"url":685,"sources":686,"tags":688},"https://mattermost.com/security-updates/",[687,681],"cve.org",[689,690],"X Refsource CONFIRM","Vendor Advisory",{"url":692,"sources":693,"tags":695},"https://nvd.nist.gov/vuln/detail/CVE-2017-18908",[694],"osv_go",[696],"Advisory",{"url":698,"sources":699,"tags":700},"https://github.com/mattermost/mattermost/commit/59139390ae927af2e879dbacfe4dadb1adac97c0",[694],[701],"WEB",{"url":703,"sources":704,"tags":705},"https://github.com/mattermost/mattermost/commit/d3bc11be3acd3a73e6358d958b91427e2584ea71",[694],[701],{"url":707,"sources":708,"tags":709},"https://github.com/mattermost/mattermost/commit/e5065cf7575ee05c040945a4b00b7fd90bf39b83",[694],[701],{"url":711,"sources":712,"tags":713},"https://github.com/mattermost/mattermost",[694],[714],"PACKAGE",{"url":716,"sources":717,"tags":718},"https://mattermost.com/security-updates",[694],[701],{"url":720,"sources":721,"tags":722},"https://github.com/advisories/GHSA-34cx-hvm4-vx7j",[694],[696],[],{"date":725,"score":677,"percentile":726},"2026-06-05",0.61565,[728,731,734,737,740,743,746,749,752,755,758,761,764,767,769,772,775,778,780,782,784,786,789,791,794,797,800,803,806,809,812,814,817,820,823,826,828,831,834,837,840,843,846,849,852,855,858,860,863,866,869,872,875,878,881,884,887,890,893,896,899,902,905,908,911,914,917,920,923,926,929,931,934,937,940,943,946,948,951,954,956,959,962,965,968,970,973,976,979,982],{"date":729,"score":677,"percentile":730},"2025-11-04",0.60461,{"date":732,"score":677,"percentile":733},"2025-11-05",0.60445,{"date":735,"score":677,"percentile":736},"2025-11-06",0.60449,{"date":738,"score":677,"percentile":739},"2025-11-07",0.60463,{"date":741,"score":677,"percentile":742},"2025-11-08",0.60465,{"date":744,"score":677,"percentile":745},"2025-11-09",0.60462,{"date":747,"score":677,"percentile":748},"2025-11-10",0.60436,{"date":750,"score":677,"percentile":751},"2025-11-11",0.60451,{"date":753,"score":677,"percentile":754},"2025-11-12",0.60476,{"date":756,"score":677,"percentile":757},"2025-11-13",0.60483,{"date":759,"score":677,"percentile":760},"2025-11-14",0.60492,{"date":762,"score":677,"percentile":763},"2025-11-15",0.60481,{"date":765,"score":677,"percentile":766},"2025-11-16",0.60469,{"date":768,"score":677,"percentile":766},"2025-11-17",{"date":770,"score":677,"percentile":771},"2025-11-18",0.58458,{"date":773,"score":677,"percentile":774},"2025-11-19",0.58474,{"date":776,"score":677,"percentile":777},"2025-11-20",0.58462,{"date":779,"score":677,"percentile":757},"2025-11-21",{"date":781,"score":677,"percentile":757},"2025-11-22",{"date":783,"score":677,"percentile":742},"2025-11-23",{"date":785,"score":677,"percentile":745},"2025-11-24",{"date":787,"score":677,"percentile":788},"2025-11-25",0.60467,{"date":790,"score":677,"percentile":788},"2025-11-26",{"date":792,"score":677,"percentile":793},"2025-11-27",0.60473,{"date":795,"score":677,"percentile":796},"2025-11-28",0.6045,{"date":798,"score":677,"percentile":799},"2025-11-29",0.60425,{"date":801,"score":677,"percentile":802},"2025-11-30",0.60416,{"date":804,"score":677,"percentile":805},"2025-12-01",0.60564,{"date":807,"score":677,"percentile":808},"2025-12-02",0.60579,{"date":810,"score":677,"percentile":811},"2025-12-03",0.60581,{"date":813,"score":677,"percentile":802},"2025-12-04",{"date":815,"score":677,"percentile":816},"2025-12-05",0.60424,{"date":818,"score":677,"percentile":819},"2025-12-06",0.60415,{"date":821,"score":677,"percentile":822},"2025-12-07",0.60407,{"date":824,"score":677,"percentile":825},"2025-12-08",0.6041,{"date":827,"score":677,"percentile":733},"2025-12-09",{"date":829,"score":677,"percentile":830},"2025-12-10",0.60491,{"date":832,"score":677,"percentile":833},"2025-12-11",0.6051,{"date":835,"score":677,"percentile":836},"2025-12-12",0.60528,{"date":838,"score":677,"percentile":839},"2025-12-13",0.60529,{"date":841,"score":677,"percentile":842},"2025-12-14",0.60524,{"date":844,"score":677,"percentile":845},"2025-12-15",0.60494,{"date":847,"score":677,"percentile":848},"2025-12-16",0.60515,{"date":850,"score":677,"percentile":851},"2025-12-17",0.60531,{"date":853,"score":677,"percentile":854},"2025-12-18",0.60574,{"date":856,"score":677,"percentile":857},"2025-12-19",0.60582,{"date":859,"score":677,"percentile":857},"2025-12-20",{"date":861,"score":677,"percentile":862},"2025-12-21",0.60569,{"date":864,"score":677,"percentile":865},"2025-12-22",0.60562,{"date":867,"score":677,"percentile":868},"2025-12-23",0.60577,{"date":870,"score":677,"percentile":871},"2025-12-24",0.60589,{"date":873,"score":677,"percentile":874},"2025-12-25",0.60621,{"date":876,"score":677,"percentile":877},"2025-12-26",0.60618,{"date":879,"score":677,"percentile":880},"2025-12-27",0.60673,{"date":882,"score":677,"percentile":883},"2025-12-28",0.60593,{"date":885,"score":677,"percentile":886},"2025-12-29",0.60587,{"date":888,"score":677,"percentile":889},"2025-12-30",0.606,{"date":891,"score":677,"percentile":892},"2025-12-31",0.60622,{"date":894,"score":677,"percentile":895},"2026-01-01",0.60803,{"date":897,"score":677,"percentile":898},"2026-01-02",0.60791,{"date":900,"score":677,"percentile":901},"2026-01-03",0.60789,{"date":903,"score":677,"percentile":904},"2026-01-04",0.60619,{"date":906,"score":677,"percentile":907},"2026-01-05",0.60605,{"date":909,"score":677,"percentile":910},"2026-01-06",0.60616,{"date":912,"score":677,"percentile":913},"2026-01-07",0.6064,{"date":915,"score":677,"percentile":916},"2026-01-08",0.60666,{"date":918,"score":677,"percentile":919},"2026-01-09",0.60668,{"date":921,"score":677,"percentile":922},"2026-01-10",0.60663,{"date":924,"score":677,"percentile":925},"2026-01-11",0.60646,{"date":927,"score":677,"percentile":928},"2026-01-12",0.60623,{"date":930,"score":677,"percentile":886},"2026-01-13",{"date":932,"score":677,"percentile":933},"2026-01-14",0.60624,{"date":935,"score":677,"percentile":936},"2026-01-15",0.60625,{"date":938,"score":677,"percentile":939},"2026-01-16",0.60647,{"date":941,"score":677,"percentile":942},"2026-01-17",0.60641,{"date":944,"score":677,"percentile":945},"2026-01-18",0.60637,{"date":947,"score":677,"percentile":933},"2026-01-19",{"date":949,"score":677,"percentile":950},"2026-01-20",0.60635,{"date":952,"score":677,"percentile":953},"2026-01-21",0.60638,{"date":955,"score":677,"percentile":942},"2026-01-22",{"date":957,"score":677,"percentile":958},"2026-01-23",0.60679,{"date":960,"score":677,"percentile":961},"2026-01-24",0.60687,{"date":963,"score":677,"percentile":964},"2026-01-25",0.60652,{"date":966,"score":677,"percentile":967},"2026-01-26",0.60643,{"date":969,"score":677,"percentile":939},"2026-01-27",{"date":971,"score":677,"percentile":972},"2026-01-28",0.6066,{"date":974,"score":677,"percentile":975},"2026-01-29",0.60662,{"date":977,"score":677,"percentile":978},"2026-01-30",0.60664,{"date":980,"score":677,"percentile":981},"2026-01-31",0.6067,{"date":983,"score":677,"percentile":984},"2026-02-01",0.60799,[986,994],{"source":681,"cvss_v2_0":987,"cvss_v3_0":9,"cvss_v3_1":992,"cvss_v4_0":9},{"baseScore":988,"baseSeverity":9,"vectorString":989,"impactScore":990,"exploitabilityScore":991},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":679,"baseSeverity":993,"vectorString":682,"impactScore":679,"exploitabilityScore":991},"CRITICAL",{"source":694,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":995,"cvss_v4_0":9},{"baseScore":679,"baseSeverity":9,"vectorString":682,"impactScore":679,"exploitabilityScore":991},[997,1019],{"ecosystem":998,"name":999,"vendor":1000,"product":1001,"cpe_part":9,"purl_type":1002,"purl_namespace":1000,"purl_name":1001,"source":9,"versions":1003},"Go","github.com/mattermost/mattermost-server","github.com/mattermost","mattermost-server","golang",[1004,1012,1015],{"version":1005,"is_range":1006,"range_type":1007,"version_start":1008,"version_start_type":1009,"version_end":1010,"version_end_type":1011,"fixed_in":9},"gte3_10_0+incompatible_lt3_10_1+incompatible",true,"semver","3.10.0+incompatible","including","3.10.1+incompatible","excluding",{"version":1013,"is_range":1006,"range_type":1007,"version_start":9,"version_start_type":9,"version_end":1014,"version_end_type":1011,"fixed_in":9},"lt3_9_1_rc1","3.9.1-rc1",{"version":1016,"is_range":1006,"range_type":1007,"version_start":1017,"version_start_type":1009,"version_end":1018,"version_end_type":1011,"fixed_in":9},"gte3_10_0_lt3_10_1","3.10.0","3.10.1",{"ecosystem":9,"name":1020,"vendor":1021,"product":1022,"cpe_part":1023,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1024},"mattermost server","mattermost","mattermost_server","a",[1025,1029],{"version":1026,"is_range":1006,"range_type":1027,"version_start":9,"version_start_type":9,"version_end":1028,"version_end_type":1011,"fixed_in":9},"lt3.9.2","cpe","3.9.2",{"version":1030,"is_range":1006,"range_type":1027,"version_start":1017,"version_start_type":1009,"version_end":1031,"version_end_type":1011,"fixed_in":9},"gte3.10.0_lt3.10.2","3.10.2"]