diff --git a/CHANGELOG.md b/CHANGELOG.md
index fd1054a3..2590f872 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/) and this p
 - insufficient_security_configurability.verification_of_contact_method_not_required
 - insufficient_security_configurability.weak_two_fa_implementation.two_fa_code_is_not_updated_after_new_code_is_requested
 - insufficient_security_configurability.weak_two_fa_implementation.old_two_fa_code_is_not_invalidated_after_new_code_is_generated
+- server_security_misconfiguration.oauth_misconfiguration.account_squatting
 
 ### Removed
 - insufficient_security_configurability.lack_of_verification_email
diff --git a/mappings/cvss_v3/cvss_v3.json b/mappings/cvss_v3/cvss_v3.json
index b38bba53..7250e660 100644
--- a/mappings/cvss_v3/cvss_v3.json
+++ b/mappings/cvss_v3/cvss_v3.json
@@ -165,6 +165,10 @@
       {
         "id": "account_takeover",
         "cvss_v3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+      },
+      {
+        "id": "account_squatting",
+        "cvss_v3": "AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"
       }
     ]
   },
diff --git a/mappings/remediation_advice/remediation_advice.json b/mappings/remediation_advice/remediation_advice.json
index ddcdbf05..f0e048b9 100644
--- a/mappings/remediation_advice/remediation_advice.json
+++ b/mappings/remediation_advice/remediation_advice.json
@@ -281,6 +281,10 @@
           "https://tools.ietf.org/html/rfc6819"
         ]
       },
+      {
+        "id": "account_squatting",
+        "remediation_advice": "In case of OAuth based account registration, ensure that if there is a preexisting account for the same email address and is to be merged, that it will no longer be accessible with its old password."
+      },
       {
         "id": "missing_state_parameter",
         "remediation_advice": "The OAuth state parameter is a form of CSRF protection, ensure that it is in place and properly validated."
diff --git a/vulnerability-rating-taxonomy.json b/vulnerability-rating-taxonomy.json
index 040d9600..fe69a2d2 100644
--- a/vulnerability-rating-taxonomy.json
+++ b/vulnerability-rating-taxonomy.json
@@ -292,6 +292,12 @@
             "type": "variant",
             "priority": 2
           },
+          {
+            "id": "account_squatting",
+            "name": "Account Squatting",
+            "type": "variant",
+            "priority": 4
+          },
           {
             "id": "missing_state_parameter",
             "name": "Missing/Broken State Parameter",
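Review bot: The `account_squatting` vector added in the cvss_v3.json hunk scores integrity as `I:N`, which looks inconsistent with the scenario the same commit describes in remediation_advice.json, where a preexisting account keeps working with its old password after an OAuth merge; a credential that remains valid on a merged account normally grants write access to that account's data, not read-only access. If that is the intended scenario, the vector should reflect at least low integrity impact, e.g. `"cvss_v3": "AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"`, and the `priority` 4 assigned in the taxonomy hunk should be rechecked against the adjusted score. If the maintainers intend a narrower reading (the squatter only learns that the address later registered), the C:L/I:N choice is defensible but worth a short note in the commit description so the mapping is not "corrected" later.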
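Review bot: The new `account_squatting` entry in remediation_advice.json carries no `references` array, unlike the preceding sibling entry whose `references` list (ending in `"https://tools.ietf.org/html/rfc6819"`) is visible as context just above it; adding `"references": ["https://tools.ietf.org/html/rfc6819"]` keeps the entry shape consistent and points readers at the OAuth threat-model document the neighbouring entries already cite. The advice text itself is a single run-on sentence that only covers the password path of the merge; it would read more clearly, and cover the usual root cause, as `"When accounts are created or linked through OAuth, do not merge an OAuth login into a preexisting account for the same email address unless that address has been verified as belonging to the user; if a merge is performed, invalidate the preexisting account's password and active sessions so it can no longer be accessed with its old credentials."`. Whether the project wants the email-verification clause here or under a separate variant is a maintainer decision; at minimum the session-invalidation point is what stops an already-logged-in squatter from keeping access after the password is reset.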