Mattermost · Mattermost · CVE-2025-31947
Name of the Vulnerable Software and Affected Versions:
Mattermost versions 9.11.x through 10.6.1
Description:
The issue allows attackers to lock external LDAP accounts through repeated login failures due to Mattermost's failure to lock out LDAP users following repeated login failures.
Recommendations:
For Mattermost versions 9.11.x through 10.6.1, update to a version that includes a fix for this issue to prevent LDAP account lockout bypass.