Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2026/04/08 2:43 p.m.2 views

BIT-DISCOURSE-2026-27481 Discourse: Hidden tag visibility bypass on tag routes

Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.3, and 2026.2.0 to before 2026.2.2, an authorization bypass vulnerability allows unauthenticated or unauthorized users to view hidden staff-only tags and its associated data. All Discourse instances with...

6.3CVSS5.7AI score0.00229EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/04/03 9:27 p.m.2 views

CVE-2026-27481 Discourse: Hidden tag visibility bypass on tag routes

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authorization bypass vulnerability allows unauthenticated or unauthorized users to view hidden staff-only tags and its...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References1
CVE
CVEadded 2026/04/03 9:27 p.m.15 views

CVE-2026-27481

Discourse (open-source platform) is affected by an authorization bypass affecting hidden staff-only tags. Affects versions 2026.1.0-latest–2026.1.3, 2026.2.0-latest–2026.2.2, and 2026.3.0-latest–2026.3.0. Unauthenticated/unauthorized users could view hidden tags and related data when tagging is e...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/04/03 9:27 p.m.25 views

CVE-2026-27481 Discourse: Hidden tag visibility bypass on tag routes

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authorization bypass vulnerability allows unauthenticated or unauthorized users to view hidden staff-only tags and its...

6.3CVSS0.00229EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:19 a.m.1 views

CVE-2023-23620

Discourse is an open-source discussion platform. Prior to version 3.0.1 on the stable branch and 3.1.0.beta2 on the beta and tests-passed branches, the contents of latest/top routes for restricted tags can be accessed by unauthorized users. This issue is patched in version 3.0.1 on the stable...

5.3CVSS5.3AI score0.00669EPSS
Exploits0References1
OpenVAS
OpenVASadded 2023/01/27 12:0 a.m.15 views

Discourse < 3.0.1 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

8.8CVSS5.2AI score0.00874EPSS
Exploits0References9
Rows per page
Query Builder