Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

CVE
CVEadded 2026/02/26 7:19 p.m.5 views

CVE-2026-26973

Summary: CVE-2026-26973 affects Discourse before versions 2025.12.2, 2026.1.1, and 2026.2.0, where an IDOR in the ReviewableNotesController allows a user in a category moderation group to create or delete notes on any reviewable when enable_category_group_moderation is on. Root cause: unscoped Re...

4.3CVSS5.3AI score0.00054EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/02/26 7:19 p.m.19 views

CVE-2026-26973 Discourse doesn't scope reviewable notes to user-visible reviewables

Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR Insecure Direct Object Reference in ReviewableNotesController. When enablecategorygroupmoderation is enabled, a user belonging to a category moderation group can create or delete thei...

4.3CVSS0.00054EPSS
Exploits0References1
Rows per page
Query Builder