In Drupal\content_moderation\Access\LatestRevisionCheck::access(), a check is made for permissions that should be delegated to content_moderation's implementation of hook_node_access():
Both of the following lines deny any other node access module the right to allow view access to the latest revision:
$access_result = AccessResult::allowedIfHasPermissions($account, ['view latest version', 'view any unpublished content']);
$owner_access = AccessResult::allowedIfHasPermissions($account, ['view latest version', 'view own unpublished content']);
The above lines should only check for the "view latest version" permission and combine that result with $entity->access('view', $account); so that all module's node access hooks get a say in whether or not the unpublished node should be visible.
The only thing LatestRevisionCheck needs to worry about is: "Does the user have access to view the latest revision and is he actually allowed see that node by other modules?" The bold part should not depend one or two permissions, but on the whole access layer!
Active
11.0 🔥
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.