Discourse Backup File Disclosure Via Default Nginx Configuration

Discourse is an open source platform for community discussion. This vulnerability only impacts Discourse instances configured to use FileStore--LocalStore which means uploads and backups are stored locally on disk. If an attacker knows the name of the Discourse backup file, the attacker can trick...

CVE-2026-44785 Discourse: Hidden reply-to post raw can be disclosed through AI explain prompts

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the AI "explain" helper only checks cansee? on the post being explained, not its replytopost, so any authenticated user wi...

CVE-2026-32244 Discourse: Cached outdated summaries can leak removed content

Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in versions 2026.1.4,...

Discourse Information Disclosure Vulnerability (CNVD-2026-17256)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an information disclosure vulnerability that can be exploited by attackers to cause moderators to obtain informati...

Discourse code issue vulnerability (CNVD-2026-17261)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a code issue vulnerability that can be exploited by an attacker to cause the server to initiate outbound connectio...

BIT-DISCOURSE-2026-32951 Discourse: Authorization bypass in oneboxer via user-controlled category id

Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.3, and 2026.2.0 to before 2026.2.2, an authenticated user can obtain shared draft topic titles by sending an inline onebox request with a categoryid parameter matching the shared drafts category. This issue h...

PT-2026-30241

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authorization bypass vulnerability allows unauthenticated or unauthorized users to view hidden staff-only tags and its...

PT-2026-30244

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, staged user custom fields and username are exposed on public invite pages without email verification. This issue has been...

Discourse 信息泄露漏洞

Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Versions of Discourse prior to 2026.1.3, 2026.2.2, and 2026.3.0 contained a vulnerability related to information leakage. Thi...

CVE-2026-32113

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the enter action in StaticController reads the ssodestinationurl cookie and redirects to it with allowotherhost: true...

CVE-2026-32113

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the enter action in StaticController reads the ssodestinationurl cookie and redirects to it with allowotherhost: true...

CVE-2026-32243

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an attacker with the ability to create shared AI conversations could inject arbitrary HTML and JavaScript via crafted...

EUVD-2026-17559

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, non-staff users could access read receipt information for staff-only posts they weren't supposed to see. No post content w...

CVE-2026-32620

Summary: CVE-2026-32620 affects Discourse. From 2026.1.0-latest up to before 2026.1.3, 2026.2.0-latest up to before 2026.2.2, and 2026.3.0-latest up to before 2026.3.0, non-staff users could access read receipt metadata for staff-only posts they were not supposed to see. No post content was expos...

EUVD-2026-17552

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, when the hidden prioritizefullnameinux site setting is enabled defaults to false, requires console access to change, user...

CVE-2026-32243 Discourse: Stored XSS in discourse-ai shared conversations onebox

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an attacker with the ability to create shared AI conversations could inject arbitrary HTML and JavaScript via crafted...

CVE-2026-32113 Discourse: Open redirect via `sso_destination_url` cookie in `enter`

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the enter action in StaticController reads the ssodestinationurl cookie and redirects to it with allowotherhost: true...

CVE-2026-32143 Discourse: Admin-only report can be exported by moderators

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, moderators could export CSV data for admin-restricted reports, bypassing the report visibility restrictions. This could...

Discourse 代码问题漏洞

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a code issue vulnerability that can be exploited by an attacker to cause the server to initiate outbound connectio...

Discourse 信息泄露漏洞

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an information disclosure vulnerability that stems from non-employee users having access to read receipt informati...