PT-2025-16564 · Mattermost · Wrangler+1

Juho Forsén · Published 2025-04-16 · Updated 2025-04-23

CVE-2025-24839

CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions

Mattermost versions 10.5.x through 10.5.1
Mattermost versions 10.4.x through 10.4.3
Mattermost versions 9.11.x through 9.11.9
Description

The issue allows users without access to the AI bot to activate it by attaching the "activate ai" override property to a post via the Wrangler plugin, provided both the AI and Wrangler plugins are enabled. This occurs because Mattermost fails to prevent Wrangler posts from triggering AI responses.
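The missing authorization check, as an added Go sketch that is not Mattermost's, the AI plugin's or Wrangler's own code: every type, field and property name below (Post, AIPolicy, activate_ai_override) is a hypothetical stand-in for the real schema. The vulnerable variant honours the override property on any post, so a plugin attaching it on behalf of a user is enough to wake the bot; the hardened variant honours it only when the post's author is authorized to use the AI bot, regardless of which plugin created the post.

```go
package main

import "fmt"

// Post models only the subset of a chat post relevant to this advisory.
// Field names are hypothetical, not Mattermost's real schema.
type Post struct {
	UserID string         // author of the post
	Props  map[string]any // free-form properties a plugin may attach
}

// AIPolicy is a hypothetical allowlist of users permitted to use the AI bot.
type AIPolicy struct {
	AllowedUsers map[string]bool
}

// activateOverrideProp is a hypothetical key for the "activate ai" override.
const activateOverrideProp = "activate_ai_override"

// shouldTriggerAIVulnerable mirrors the behaviour described in the advisory:
// the override property alone decides, so a user without bot access can
// trigger a response by having another plugin set the property on their post.
func shouldTriggerAIVulnerable(p Post) bool {
	v, ok := p.Props[activateOverrideProp].(bool)
	return ok && v
}

// shouldTriggerAIFixed is the hardened decision: the override is accepted
// only if the post's author is themselves allowed to use the bot. The origin
// of the post (a user client, Wrangler, any other plugin) is deliberately not
// the deciding factor, so new post sources cannot reintroduce the bypass.
func shouldTriggerAIFixed(pol AIPolicy, p Post) bool {
	v, ok := p.Props[activateOverrideProp].(bool)
	if !ok || !v {
		return false
	}
	return pol.AllowedUsers[p.UserID]
}

func main() {
	pol := AIPolicy{AllowedUsers: map[string]bool{"alice": true}}
	// Constructed sample: "bob" has no bot access but a plugin attached the override.
	bob := Post{UserID: "bob", Props: map[string]any{activateOverrideProp: true}}
	fmt.Println("vulnerable:", shouldTriggerAIVulnerable(bob)) // true
	fmt.Println("fixed:     ", shouldTriggerAIFixed(pol, bob))  // false
}
```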
Recommendations

For versions 10.5.x through 10.5.1, consider disabling the Wrangler plugin until a patch is available.
For versions 10.4.x through 10.4.3, restrict access to the AI bot to minimize the risk of exploitation.
For versions 9.11.x through 9.11.9, avoid using the "activate ai" override property in posts via the Wrangler plugin until the issue is resolved.

Fix

Weakness Enumeration

Incorrect Authorization

Related Identifiers

CVE-2025-24839
GHSA-J639-M367-75CF
GO-2025-3621
OPENSUSE-SU-2025:15017-1

Affected Products

Mattermost
Wrangler