What is CVE-2025-54458?

Mattermost Confluence Plugin versions < 1.5.0 fails to check user access of the Confluence space, allowing attackers to create a subscription to a Confluence space the user does not have access to via the create subscription endpoint.

What is the severity of CVE-2025-54458?

CVE-2025-54458 has a CVSS v3 score of 5, which is classified as Medium severity.

Is there an exploit available for CVE-2025-54458?

No known public exploits are currently available for CVE-2025-54458.

Is there a patch available for CVE-2025-54458?

Yes, patches are available for CVE-2025-54458. Check the vendor advisories for update instructions.

CVE-2025-54458 - CVE Details, Severity, and Analysis

Q: What is the severity of CVE-2025-54458?

CVE-2025-54458 has a CVSS v3 score of 5, which is classified as Medium severity.

Q: Is there an exploit available for CVE-2025-54458?

No known public exploits are currently available for CVE-2025-54458.

Q: Is there a patch available for CVE-2025-54458?

Yes, patches are available for CVE-2025-54458. Check the vendor advisories for update instructions.

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001

Trend Analysis

Neutral

Vulnerable Products

Vendor	Product
Mattermost	Confluence

Advisories

GitHub Advisory Go Vuln Db

NVD: Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the Confluence space which allows attackers to create a subscription for a Confluence space the user does not have access to via the create subscription endpoint.

CVE-2025-54458 - CVE Details, Severity, and Analysis | Strobes VI