Stateward All advisories →
medium
CVE-2026-22545
Go · github.com/mattermost/mattermost-server • Go · github.com/mattermost/mattermost-server/v5 • Go · github.com/mattermost/mattermost-server/v6 • Go · github.com/mattermost/mattermost/server/v8
Summary Mattermost fails to validate user's authentication method when processing account auth type switch in github.com/mattermost/mattermost-server
Severity medium EPSS 0.1% (p4) Also known as GHSA-rv67-7w2g-7976, GHSA-rv67-7w2g-7976#github.com/mattermost/mattermost-server, GHSA-rv67-7w2g-7976#github.com/mattermost/mattermost/server/v8, GO-2026-4786, GO-2026-4786#github.com/mattermost/mattermost-server, GO-2026-4786#github.com/mattermost/mattermost-server/v5, GO-2026-4786#github.com/mattermost/mattermost-server/v6, GO-2026-4786#github.com/mattermost/mattermost/server/v8 Published 2026-03-23 Related advisories CVE-2026-6346 — high · Go/github.com/mattermost/mattermost-serverCVE-2026-6347 — high · Go/github.com/mattermost/mattermost-serverCVE-2026-6339 — medium · Go/github.com/mattermost/mattermost-serverCVE-2026-5163 — medium · Go/github.com/mattermost/mattermost-serverCVE-2026-28732 — medium · Go/github.com/mattermost/mattermost-serverCVE-2026-6345 — medium · Go/github.com/mattermost/mattermost-serverCVE-2026-6340 — medium · Go/github.com/mattermost/mattermost-serverCVE-2026-3637 — medium · Go/github.com/mattermost/mattermost-serverIs your project exposed to this? Stateward checks every dependency on every pull request and flags it only if your code actually reaches it.
Check my repo