CVE-2026-34947

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, staged user custom fields and username are exposed on public invite pages without email verification. This issue has been...

Linux Distros Unpatched Vulnerability : CVE-2021-39875

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of GitLab CE/EE since version 13.6, it is possible to see pending invitations of any public group or public project by visiting an API endpoint...

PT-2025-4490 · Mattermost +1 · Mattermost +1

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.11.0 through 9.11.5 Description: The issue is related to the failure of Mattermost to enforce invite permissions. This allows team admins, who do not have permission to invite users to their team, to invite users by maki...