Vulnerabilities > Mattermost > Mattermost Desktop > 5.5.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-16 | CVE-2024-39772 | Unspecified vulnerability in Mattermost Desktop Mattermost Desktop App versions <=5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs. | 5.3 |
| 2024-09-16 | CVE-2024-45835 | Unspecified vulnerability in Mattermost Desktop Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access. | 6.5 |
| 2024-09-16 | CVE-2024-39613 | Uncontrolled Search Path Element vulnerability in Mattermost Desktop Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of a user's machine to cause remote code execution on that machine. | 7.8 |
| 2024-06-14 | CVE-2024-36287 | Unspecified vulnerability in Mattermost Desktop Mattermost Desktop App versions <=5.7.0 fail to disable certain Electron debug flags which allows for bypassing TCC restrictions on macOS. | 3.3 |
| 2024-06-14 | CVE-2024-37182 | Unspecified vulnerability in Mattermost Desktop Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI schemes. | 6.1 |