CVE-2026-26979

CVE-2026-26979 affects Discourse: TL4 users can close, archive, or pin topics in private categories they lack access to. Fixed in versions 2025.12.2, 2026.1.1, and 2026.2.0. Impact is unauthorized topic status changes with LOW severity (CVSS 3.1: none certain, I=LOW). No workarounds are reported....

PT-2026-22176

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2025.12.2 Discourse versions prior to 2026.1.1 Discourse versions prior to 2026.2.0 Description Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, Trust Level 4 TL4...

PT-2026-22197

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2025.12.2 Discourse versions prior to 2026.1.1 Discourse versions prior to 2026.2.0 Description Discourse is an open source discussion platform. Trust Level 4 TL4 users could publish topics into staff-only categorie...

Discourse 安全漏洞

Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Versions of Discourse before 2025.12.2, 2026.1.1, and 2026.2.0 contained security vulnerabilities. These vulnerabilities...