[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-48872":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":28,"aliases":29,"duplicate_of":9,"upstream":32,"downstream":33,"duplicates":36,"related":37,"reserved_at":9,"published_at":39,"modified_at":40,"state":41,"summary":42,"references_raw":51,"kevs":74,"epss":75,"epss_history":78,"metrics":346,"affected":356},"CVE-2024-48872","Mattermost versions 10.1.x \u003C= 10.1.2, 10.0.x \u003C= 10.0.2, 9.11.x \u003C= 9.11.4, and 9.5.x \u003C= 9.5.12 fail to prevent concurrently checking and updating the failed login attempts. which allows an attacker to bypass of \"Max failed attempts\" restriction and send a big number of login attempts before being blocked via simultaneously sending multiple login requests",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-362","Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.","weakness","Draft","Class","Medium",[20,24],{"id":21,"name":22,"techniques":23},"CAPEC-26","Leveraging Race Conditions",[],{"id":25,"name":26,"techniques":27},"CAPEC-29","Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions",[],[],[30,31],"GHSA-826h-p4c3-477p","GO-2024-3338",[],[34],{"_key":35},"OPENSUSE-SU-2024:14603-1",[],[38],{"_key":35},"2024-12-16T08:01:01.444Z","2024-12-16T16:04:58.409Z","Analyzed",{"cisa_kev":43,"cisa_ransomware":43,"cisa_vendor":9,"epss_severity":44,"epss_score":45,"severity":46,"severity_score":47,"severity_version":48,"severity_source":49,"severity_vector":50,"severity_status":41},false,"low",0.00085,"medium",4.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",[52,60,65,70],{"url":53,"sources":54,"tags":57},"https://mattermost.com/security-updates",[49,55,56],"nvd","osv_go",[58,59],"Vendor Advisory","WEB",{"url":61,"sources":62,"tags":63},"https://nvd.nist.gov/vuln/detail/CVE-2024-48872",[56],[64],"Advisory",{"url":66,"sources":67,"tags":68},"https://github.com/mattermost/mattermost",[56],[69],"PACKAGE",{"url":71,"sources":72,"tags":73},"https://github.com/advisories/GHSA-826h-p4c3-477p",[56],[64],[],{"date":76,"score":45,"percentile":77},"2026-06-04",0.24615,[79,83,86,89,92,95,98,101,104,107,110,113,116,119,122,126,129,132,135,138,141,144,147,150,153,156,159,162,165,168,171,174,177,180,183,186,189,192,195,198,201,204,207,210,213,216,219,222,224,227,230,232,235,238,240,243,246,249,252,255,258,260,263,266,269,272,275,278,281,283,286,289,291,294,296,298,301,304,307,310,313,316,320,323,326,329,333,337,340,343],{"date":80,"score":81,"percentile":82},"2025-11-04",0.00094,0.26978,{"date":84,"score":81,"percentile":85},"2025-11-05",0.26959,{"date":87,"score":81,"percentile":88},"2025-11-06",0.2697,{"date":90,"score":81,"percentile":91},"2025-11-07",0.26972,{"date":93,"score":81,"percentile":94},"2025-11-08",0.26967,{"date":96,"score":81,"percentile":97},"2025-11-09",0.2692,{"date":99,"score":81,"percentile":100},"2025-11-10",0.26885,{"date":102,"score":81,"percentile":103},"2025-11-11",0.26904,{"date":105,"score":81,"percentile":106},"2025-11-12",0.2694,{"date":108,"score":81,"percentile":109},"2025-11-13",0.26945,{"date":111,"score":81,"percentile":112},"2025-11-14",0.26932,{"date":114,"score":81,"percentile":115},"2025-11-15",0.26921,{"date":117,"score":81,"percentile":118},"2025-11-16",0.26878,{"date":120,"score":81,"percentile":121},"2025-11-17",0.2684,{"date":123,"score":124,"percentile":125},"2025-11-18",0.00151,0.30171,{"date":127,"score":124,"percentile":128},"2025-11-19",0.30187,{"date":130,"score":124,"percentile":131},"2025-11-20",0.30188,{"date":133,"score":81,"percentile":134},"2025-11-21",0.26812,{"date":136,"score":81,"percentile":137},"2025-11-22",0.26813,{"date":139,"score":81,"percentile":140},"2025-11-23",0.26767,{"date":142,"score":81,"percentile":143},"2025-11-24",0.26736,{"date":145,"score":81,"percentile":146},"2025-11-25",0.26727,{"date":148,"score":81,"percentile":149},"2025-11-26",0.26718,{"date":151,"score":81,"percentile":152},"2025-11-27",0.2672,{"date":154,"score":81,"percentile":155},"2025-11-28",0.26689,{"date":157,"score":81,"percentile":158},"2025-11-29",0.26673,{"date":160,"score":81,"percentile":161},"2025-11-30",0.26633,{"date":163,"score":81,"percentile":164},"2025-12-01",0.26686,{"date":166,"score":81,"percentile":167},"2025-12-02",0.26708,{"date":169,"score":81,"percentile":170},"2025-12-03",0.26714,{"date":172,"score":81,"percentile":173},"2025-12-04",0.26649,{"date":175,"score":81,"percentile":176},"2025-12-05",0.26687,{"date":178,"score":81,"percentile":179},"2025-12-06",0.26685,{"date":181,"score":81,"percentile":182},"2025-12-07",0.26654,{"date":184,"score":81,"percentile":185},"2025-12-08",0.26658,{"date":187,"score":81,"percentile":188},"2025-12-09",0.26715,{"date":190,"score":81,"percentile":191},"2025-12-10",0.26788,{"date":193,"score":81,"percentile":194},"2025-12-11",0.26806,{"date":196,"score":81,"percentile":197},"2025-12-12",0.26817,{"date":199,"score":81,"percentile":200},"2025-12-13",0.26816,{"date":202,"score":81,"percentile":203},"2025-12-14",0.26779,{"date":205,"score":81,"percentile":206},"2025-12-15",0.26751,{"date":208,"score":81,"percentile":209},"2025-12-16",0.26761,{"date":211,"score":81,"percentile":212},"2025-12-17",0.2682,{"date":214,"score":81,"percentile":215},"2025-12-18",0.26871,{"date":217,"score":81,"percentile":218},"2025-12-19",0.26883,{"date":220,"score":81,"percentile":221},"2025-12-20",0.26854,{"date":223,"score":81,"percentile":200},"2025-12-21",{"date":225,"score":81,"percentile":226},"2025-12-22",0.26784,{"date":228,"score":81,"percentile":229},"2025-12-23",0.26752,{"date":231,"score":81,"percentile":140},"2025-12-24",{"date":233,"score":81,"percentile":234},"2025-12-25",0.26841,{"date":236,"score":81,"percentile":237},"2025-12-26",0.2683,{"date":239,"score":81,"percentile":197},"2025-12-27",{"date":241,"score":81,"percentile":242},"2025-12-28",0.267,{"date":244,"score":81,"percentile":245},"2025-12-29",0.26668,{"date":247,"score":81,"percentile":248},"2025-12-30",0.26665,{"date":250,"score":81,"percentile":251},"2025-12-31",0.2673,{"date":253,"score":81,"percentile":254},"2026-01-01",0.26834,{"date":256,"score":81,"percentile":257},"2026-01-02",0.26835,{"date":259,"score":81,"percentile":200},"2026-01-03",{"date":261,"score":81,"percentile":262},"2026-01-04",0.26717,{"date":264,"score":81,"percentile":265},"2026-01-05",0.26703,{"date":267,"score":81,"percentile":268},"2026-01-06",0.26711,{"date":270,"score":81,"percentile":271},"2026-01-07",0.2674,{"date":273,"score":81,"percentile":274},"2026-01-08",0.26785,{"date":276,"score":81,"percentile":277},"2026-01-09",0.26771,{"date":279,"score":81,"percentile":280},"2026-01-10",0.26743,{"date":282,"score":81,"percentile":152},"2026-01-11",{"date":284,"score":81,"percentile":285},"2026-01-12",0.26675,{"date":287,"score":81,"percentile":288},"2026-01-13",0.26656,{"date":290,"score":81,"percentile":242},"2026-01-14",{"date":292,"score":81,"percentile":293},"2026-01-15",0.26695,{"date":295,"score":81,"percentile":146},"2026-01-16",{"date":297,"score":81,"percentile":251},"2026-01-17",{"date":299,"score":81,"percentile":300},"2026-01-18",0.2668,{"date":302,"score":81,"percentile":303},"2026-01-19",0.26637,{"date":305,"score":81,"percentile":306},"2026-01-20",0.2662,{"date":308,"score":81,"percentile":309},"2026-01-21",0.26567,{"date":311,"score":81,"percentile":312},"2026-01-22",0.26545,{"date":314,"score":81,"percentile":315},"2026-01-23",0.26618,{"date":317,"score":318,"percentile":319},"2026-01-24",0.00065,0.20508,{"date":321,"score":318,"percentile":322},"2026-01-25",0.20434,{"date":324,"score":318,"percentile":325},"2026-01-26",0.2033,{"date":327,"score":318,"percentile":328},"2026-01-27",0.20321,{"date":330,"score":331,"percentile":332},"2026-01-28",0.00062,0.19547,{"date":334,"score":335,"percentile":336},"2026-01-29",0.00048,0.14728,{"date":338,"score":335,"percentile":339},"2026-01-30",0.14724,{"date":341,"score":335,"percentile":342},"2026-01-31",0.14749,{"date":344,"score":335,"percentile":345},"2026-02-01",0.1473,[347,352,354],{"source":49,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":348,"cvss_v4_0":9},{"baseScore":47,"baseSeverity":349,"vectorString":50,"impactScore":350,"exploitabilityScore":351},"MEDIUM",4.2,5.6,{"source":55,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":353,"cvss_v4_0":9},{"baseScore":47,"baseSeverity":349,"vectorString":50,"impactScore":350,"exploitabilityScore":351},{"source":56,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":355,"cvss_v4_0":9},{"baseScore":47,"baseSeverity":9,"vectorString":50,"impactScore":350,"exploitabilityScore":351},[357,372,378,383,405,422],{"ecosystem":358,"name":359,"vendor":360,"product":361,"cpe_part":9,"purl_type":362,"purl_namespace":360,"purl_name":361,"source":9,"versions":363},"Go","github.com/mattermost/mattermost-server","github.com/mattermost","mattermost-server","golang",[364],{"version":365,"is_range":366,"range_type":367,"version_start":368,"version_start_type":369,"version_end":370,"version_end_type":371,"fixed_in":9},"gte10_1_0+incompatible_lt10_1_3+incompatible",true,"semver","10.1.0+incompatible","including","10.1.3+incompatible","excluding",{"ecosystem":358,"name":373,"vendor":359,"product":374,"cpe_part":9,"purl_type":362,"purl_namespace":359,"purl_name":374,"source":9,"versions":375},"github.com/mattermost/mattermost-server/v5","v5",[376],{"version":377,"is_range":366,"range_type":367,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"all",{"ecosystem":358,"name":379,"vendor":359,"product":380,"cpe_part":9,"purl_type":362,"purl_namespace":359,"purl_name":380,"source":9,"versions":381},"github.com/mattermost/mattermost-server/v6","v6",[382],{"version":377,"is_range":366,"range_type":367,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":358,"name":384,"vendor":385,"product":386,"cpe_part":9,"purl_type":362,"purl_namespace":385,"purl_name":386,"source":9,"versions":387},"github.com/mattermost/mattermost/server/v8","github.com/mattermost/mattermost/server","v8",[388,392,396,400,404],{"version":389,"is_range":366,"range_type":367,"version_start":390,"version_start_type":369,"version_end":391,"version_end_type":371,"fixed_in":9},"gte10_1_0_lt10_1_3","10.1.0","10.1.3",{"version":393,"is_range":366,"range_type":367,"version_start":394,"version_start_type":369,"version_end":395,"version_end_type":371,"fixed_in":9},"gte10_0_0_lt10_0_3","10.0.0","10.0.3",{"version":397,"is_range":366,"range_type":367,"version_start":398,"version_start_type":369,"version_end":399,"version_end_type":371,"fixed_in":9},"gte9_11_0_lt9_11_5","9.11.0","9.11.5",{"version":401,"is_range":366,"range_type":367,"version_start":402,"version_start_type":369,"version_end":403,"version_end_type":371,"fixed_in":9},"gte9_5_0_lt9_5_13","9.5.0","9.5.13",{"version":377,"is_range":366,"range_type":367,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":406,"vendor":407,"product":407,"cpe_part":408,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":409},"Mattermost","mattermost","a",[410,413,416,419],{"version":411,"is_range":366,"range_type":49,"version_start":390,"version_start_type":369,"version_end":412,"version_end_type":369,"fixed_in":9},">= 10.1.0, \u003C= 10.1.2","10.1.2",{"version":414,"is_range":366,"range_type":49,"version_start":394,"version_start_type":369,"version_end":415,"version_end_type":369,"fixed_in":9},">= 10.0.0, \u003C= 10.0.2","10.0.2",{"version":417,"is_range":366,"range_type":49,"version_start":398,"version_start_type":369,"version_end":418,"version_end_type":369,"fixed_in":9},">= 9.11.0, \u003C= 9.11.4","9.11.4",{"version":420,"is_range":366,"range_type":49,"version_start":402,"version_start_type":369,"version_end":421,"version_end_type":369,"fixed_in":9},">= 9.5.0, \u003C= 9.5.12","9.5.12",{"ecosystem":9,"name":423,"vendor":407,"product":424,"cpe_part":408,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":425},"mattermost server","mattermost_server",[426,429,431,433],{"version":427,"is_range":366,"range_type":428,"version_start":402,"version_start_type":369,"version_end":403,"version_end_type":371,"fixed_in":9},"gte9.5.0_lt9.5.13","cpe",{"version":430,"is_range":366,"range_type":428,"version_start":398,"version_start_type":369,"version_end":399,"version_end_type":371,"fixed_in":9},"gte9.11.0_lt9.11.5",{"version":432,"is_range":366,"range_type":428,"version_start":394,"version_start_type":369,"version_end":395,"version_end_type":371,"fixed_in":9},"gte10.0.0_lt10.0.3",{"version":434,"is_range":366,"range_type":428,"version_start":390,"version_start_type":369,"version_end":391,"version_end_type":371,"fixed_in":9},"gte10.1.0_lt10.1.3"]