CVE-2026-6334
Status: Received - Intake
Mattermost OAuth Token Exchange Identity Binding Bypass

Publication date: 2026-05-18

Last updated on: 2026-05-18

Assigner: Mattermost, Inc.

Description
Mattermost versions 11.5.x <= 11.5.1 and 10.11.x <= 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow, which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request. Mattermost Advisory ID: MMSA-2026-00570
Meta Information
Generated: 2026-05-20
AI Q&A: 2026-05-18
EPSS Evaluated: 2026-05-19
Affected Vendors & Products (2 associated CPEs)
Vendor | Product | Version / Range
mattermost | mattermost | up to and including 11.5.1
mattermost | mattermost | up to and including 10.11.13
Exploitability
CWE ID | Description
CWE-305 (Authentication Bypass by Primary Weakness) | The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability affects Mattermost 11.5.x up to and including 11.5.1 and 10.11.x up to and including 10.11.13. In the OAuth 2.0 authorization code flow a code is issued to one specific client, and RFC 6749 section 4.1.3 requires the token endpoint to verify that the client redeeming it is the client it was issued to. The affected versions skip that check.

As a result, any OAuth client that can authenticate to the server with its own valid credentials can craft a token request carrying a code issued to a different client and receive the access token that redemption yields for the user who authorized the other client. The attacker still has to obtain such a code; the missing binding is what turns a code that reached the wrong client into a usable credential rather than a dead one.
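The check that the description and the explanation above say is missing, shown as an added example in Go (Mattermost's implementation language). This is not Mattermost's code and the types, names, secrets and URLs are constructed for the example; expiry handling is left out to keep the point visible. RedeemVulnerable authenticates the caller and validates the code but never relates the two; RedeemFixed adds the RFC 6749 section 4.1.3 binding, and the crafted request copies the victim client's redirect_uri to show that a redirect_uri check alone would not catch it.

```go
package main

import (
	"crypto/subtle"
	"errors"
)

// Constructed model of an authorization server's state. These are not
// Mattermost's own types; every name below is an assumption for this example.
type Client struct{ ID, Secret, RedirectURI string }

type AuthCode struct {
	ClientID    string // client the code was issued to: the identity binding
	RedirectURI string // redirect_uri from the authorization request
	UserID      string
	Used        bool // authorization codes are single use
}

// TokenRequest holds the form fields of a grant_type=authorization_code request.
type TokenRequest struct{ Code, ClientID, ClientSecret, RedirectURI string }

type Server struct {
	clients map[string]*Client
	codes   map[string]*AuthCode
}

var ErrInvalidClient = errors.New("invalid_client")
var ErrInvalidGrant = errors.New("invalid_grant")

// authenticateClient verifies client_id and client_secret in constant time.
func (s *Server) authenticateClient(req TokenRequest) (*Client, error) {
	c, ok := s.clients[req.ClientID]
	if !ok || subtle.ConstantTimeCompare([]byte(c.Secret), []byte(req.ClientSecret)) != 1 {
		return nil, ErrInvalidClient
	}
	return c, nil
}

// RedeemVulnerable has the shape of the bug: the caller is authenticated as
// *some* registered client and the code is valid, but nothing ties the two.
func (s *Server) RedeemVulnerable(req TokenRequest) (string, error) {
	if _, err := s.authenticateClient(req); err != nil {
		return "", err
	}
	ac, ok := s.codes[req.Code]
	if !ok || ac.Used {
		return "", ErrInvalidGrant
	}
	ac.Used = true
	return "token:" + ac.UserID + ":" + req.ClientID, nil
}

// RedeemFixed adds the RFC 6749 section 4.1.3 checks: the code must have been
// issued to the authenticated client and redirect_uri must match the original.
func (s *Server) RedeemFixed(req TokenRequest) (string, error) {
	client, err := s.authenticateClient(req)
	if err != nil {
		return "", err
	}
	ac, ok := s.codes[req.Code]
	if !ok || ac.Used {
		return "", ErrInvalidGrant
	}
	ac.Used = true // burned either way: a code presented by the wrong client is treated as leaked
	if ac.ClientID != client.ID || ac.RedirectURI != req.RedirectURI {
		return "", ErrInvalidGrant
	}
	return "token:" + ac.UserID + ":" + client.ID, nil
}

// NewDemoServer builds constructed sample state: two registered clients and
// one code issued to app-a. Secrets and URLs are made up for the example.
func NewDemoServer() *Server {
	return &Server{
		clients: map[string]*Client{
			"app-a": {"app-a", "secret-a", "https://a.example/cb"},
			"app-b": {"app-b", "secret-b", "https://b.example/cb"},
		},
		codes: map[string]*AuthCode{
			"code123": {ClientID: "app-a", RedirectURI: "https://a.example/cb", UserID: "user7"},
		},
	}
}

// CrossClientRequest is the crafted exchange: app-b, using its own valid
// secret, presents app-a's code and copies app-a's redirect_uri, so a
// redirect_uri-only check would pass; only the client binding rejects it.
func CrossClientRequest() TokenRequest {
	return TokenRequest{"code123", "app-b", "secret-b", "https://a.example/cb"}
}

// LegitimateRequest is app-a redeeming its own code.
func LegitimateRequest() TokenRequest {
	return TokenRequest{"code123", "app-a", "secret-a", "https://a.example/cb"}
}
```

Calling NewDemoServer().RedeemVulnerable(CrossClientRequest()) hands app-b a token for user7, while RedeemFixed returns invalid_grant for the same request and still serves LegitimateRequest. Burning the code on a mismatched redemption is a design choice: a code that surfaces at the wrong client has already leaked, so the fixed path refuses to let the legitimate client use it afterwards either.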


How can this vulnerability impact me?

This vulnerability can lead to unauthorized access: an authenticated OAuth client redeems an authorization code meant for another client and obtains a token it was never granted. With that token the attacking client can reach Mattermost resources or data within the scope the user approved for the original client.

The entry is scored under CVSS 3.1, which is the version of the scoring standard, not a score of 3.1. The listed metrics show limited confidentiality and integrity impact and no availability impact, consistent with the low severity rating shown; even so, it poses a risk of information disclosure and unauthorized actions within the affected Mattermost environment.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, upgrade Mattermost to a release later than 11.5.1 on the 11.5 branch or later than 10.11.13 on the 10.11 branch, where the issue has been fixed.

Since the vulnerability is a missing server-side check (client identity binding during OAuth authorization code redemption), applying the official security update provided by Mattermost is the recommended immediate step. Until the upgrade is done, note that the crafted request has to come from an authenticated OAuth client: reviewing which OAuth applications are registered on the server, and who holds their credentials, narrows who could exercise the bug.

Monitor Mattermost's official security updates page for patches and advisories.
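A triage helper for the upgrade step above, added here as an example rather than taken from Mattermost: it parses a server version string and tests it against the two affected ranges the advisory lists. The version string is assumed to come from the X-Version-Id header that Mattermost API responses carry (verify that on your own server); it has extra components after major.minor.patch, which the parser ignores. The range list, the function names and the sample inputs are constructed for the example.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// AffectedRange is one affected branch from the advisory text: every release
// with this major.minor whose patch level is at or below MaxPatch.
type AffectedRange struct{ Major, Minor, MaxPatch int }

// CVE20266334 holds the two ranges the page lists: 11.5.x <= 11.5.1 and
// 10.11.x <= 10.11.13.
var CVE20266334 = []AffectedRange{{11, 5, 1}, {10, 11, 13}}

// ParseVersion reads the leading major.minor.patch of a version string and
// ignores whatever follows (a fourth component, build hash or suffix), so a
// value such as "11.5.1.11.5.1.abc123.false" still parses as 11.5.1.
func ParseVersion(v string) (major, minor, patch int, err error) {
	parts := strings.Split(strings.TrimPrefix(strings.TrimSpace(v), "v"), ".")
	if len(parts) < 3 {
		return 0, 0, 0, fmt.Errorf("version %q lacks major.minor.patch", v)
	}
	var n [3]int
	for i := range n {
		if n[i], err = strconv.Atoi(parts[i]); err != nil {
			return 0, 0, 0, fmt.Errorf("version %q: component %q is not a number", v, parts[i])
		}
	}
	return n[0], n[1], n[2], nil
}

// IsAffected reports whether version falls inside one of the ranges. A false
// result for a branch the advisory does not list only means the advisory says
// nothing about it, not that the branch is known to be safe.
func IsAffected(version string, ranges []AffectedRange) (bool, error) {
	major, minor, patch, err := ParseVersion(version)
	if err != nil {
		return false, err
	}
	for _, r := range ranges {
		if major == r.Major && minor == r.Minor && patch <= r.MaxPatch {
			return true, nil
		}
	}
	return false, nil
}

func main() {
	// Constructed sample inputs; a real run would feed the server's reported
	// version string (assumed here to be the X-Version-Id header value).
	samples := []string{"11.5.1", "11.5.2", "10.11.13", "10.11.14", "11.5.1.11.5.1.abc123.false"}
	for _, v := range samples {
		hit, err := IsAffected(v, CVE20266334)
		fmt.Printf("%-28s affected=%v err=%v\n", v, hit, err)
	}
}
```

Feed IsAffected the version string of each server you operate; a true result means the server sits inside one of the advisory's ranges and needs the upgrade, while an error means the string did not look like a version and should be checked by hand rather than treated as safe.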

