CVE-2026-22545 LOW

CVE-2026-22545: Password Change Bypass via Auth Switch Endpoint

Vendor Mattermost

Product Mattermost

Weakness CWE-863 · Incorrect authorization

Published March 16, 2026

Last update March 16, 2026

View on NVD All CVEs

CVSS base score

3.1/10

Attack vector Network

Attack complexity High

Privileges required None

User interaction Required

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

Mattermost versions 10.11.x <= 10.11.10 fail to validate user's authentication method when processing account auth type switch which allows an authenticated attacker to change account password without confirmation via falsely claiming a different auth provider.. Mattermost Advisory ID: MMSA-2026-00583

Key dates

02Disclosure timeline

March 16, 2026 CVE published

March 16, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-22545

Related vulnerabilities

04Related CVE

CVE-2024-7096 Privilege Escalation in Multiple WSO2 Products via SOAP Admin Service Due to Business Logic Flaw CVE-2026-29087 @hono/node-server: Authorization bypass for protected static paths via encoded slashes in Serve Static Middleware CVE-2026-35490 changedetection.io has an Authentication Bypass via Decorator Ordering CVE-2025-23262 CVE-2023-47142 IBM Tivoli Application Dependency Discovery Manager privilege escalation