Security Advisory

CVE-2026-2463

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-16 11:13:57

Last updated 2026-03-16 13:49:58

Assigner Mattermost

State PUBLISHED

Description

Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to filter invite IDs based on user permissions, which allows regular users to bypass access control restrictions and register unauthorized accounts via leaked invite IDs during team creation.. Mattermost Advisory ID: MMSA-2025-00565

← Browse all CVEs View on cve.org ↗