CVE-2026-3637 | Mattermost up to 10.11.13/11.4.3/11.5.1 API create_post authorization

A vulnerability categorized as problematic has been discovered in Mattermost up to 10.11.13/11.4.3/11.5.1. Affected by this issue is the function create_post of the component API. Such manipulation leads to missing authorization.

This vulnerability is uniquely identified as CVE-2026-3637. The attack can be launched remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More