CVE-2025-0476

Name of the Vulnerable Software and Affected Versions Mattermost Mobile Apps versions <=2.22.0

Description The issue arises from the mobile application's inability to properly handle specially crafted attachment names. This allows an attacker to crash the mobile app for any user who has opened a channel containing the specially crafted attachment. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For Mattermost Mobile Apps versions <=2.22.0, update to a version greater than 2.22.0 to resolve the issue. As a temporary workaround, consider avoiding channels with suspicious attachments to minimize the risk of the application crashing.