PT-2025-4149 · Mattermost · Mattermost Mobile

C0Rydoras · Published 2025-01-16 · Updated 2025-01-18 · CVE-2025-20630

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Mattermost Mobile versions <=2.22.0

Description

The issue arises from the improper handling of posts with attachments that contain fields which cannot be converted to a string. This allows an attacker to cause the mobile application to crash by creating and sending such a post to a channel.

Recommendations

For Mattermost Mobile versions <=2.22.0, update to a version higher than 2.22.0 to resolve the issue. As a temporary workaround, consider avoiding the use of attachments with fields that cannot be cast to a string in posts to prevent the application from crashing.

Fix

DoS

Weakness Enumeration

Related Identifiers

CVE-2025-20630

Affected Products

Mattermost Mobile