12 matches found
CVE-2025-64681
In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations...
CVE-2025-64681
In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations...
CVE-2025-64681
In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations...
EUVD-2025-44056
In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations...
CVE-2025-64681
In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations...
BIT-DISCOURSE-2025-32376 Discourse DM limits aren’t always properly enforced
Discourse is an open-source discussion platform. Prior to versions 3.4.3 on the stable branch and 3.5.0.beta3 on the beta branch, the users limit for a DM can be bypassed, thus giving the ability to potentially create a DM with every user from a site in it. This issue has been patched in stable...
CVE-2025-32376
Discourse is an open-source discussion platform. Prior to versions 3.4.3 on the stable branch and 3.5.0.beta3 on the beta branch, the users limit for a DM can be bypassed, thus giving the ability to potentially create a DM with every user from a site in it. This issue has been patched in stable...
PT-2025-18290 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.4.3 Discourse versions prior to 3.5.0.beta3 Description: Discourse is an open-source discussion platform. In versions prior to 3.4.3 on the stable branch and 3.5.0.beta3 on the beta branch, the user limit for a...
Dust: User Limit Bypass via Pending Invitations in Workspace System
The platform's workspace user limit was found to be vulnerable to bypass through the use of pending invitations. Users were able to join a workspace by signing up with an invited email, even after the workspace had reached its user limit for the current subscription tier. This allowed an unlimite...
CVE-2025-24808
Discourse is an open-source discussion platform. Prior to versions 3.3.4 on the stable branch and 3.4.0.beta5 on the beta branch, someone who is about to reach the limit of users in a group DM may send requests to add new users in parallel. The requests might all go through ignoring the limit due...
CVE-2025-24808 Discourse has race condition when adding users to a group DM
Discourse is an open-source discussion platform. Prior to versions 3.3.4 on the stable branch and 3.4.0.beta5 on the beta branch, someone who is about to reach the limit of users in a group DM may send requests to add new users in parallel. The requests might all go through ignoring the limit due...
CVE-2025-24808
Summary: Discourse is affected by a race condition in the add_users_to_channel flow when adding users to a group DM, potentially bypassing the group size limit. Affected versions: before 3.3.4 on the stable branch and before 3.4.0.beta5 on the beta branch. Root cause: lack of proper synchronizati...