CVE-2026-2463 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Mattermost versions 11.3.x
Medium CVSS: 4.3

CVE-2026-2463

Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to filter invite IDs based on user permissions, which allows regular users to bypass access control restrictions and register unauthorized accounts via leaked invite IDs during team creation.. Mattermost Advisory ID: MMSA-2025-00565
Vendor
Mattermost
Product
Mattermost Server
CWE
CWE-862
Yayın Tarihi
2026-03-16 14:19:30
Güncelleme
2026-03-18 17:43:26
Source Identifier
responsibledisclosure@mattermost.com
KEV Date Added
-

Kategoriler

CWE-862 Mattermost Server MEDIUM Mattermost 2026

Referanslar

https://mattermost.com/security-updates