Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNVD
CNVDadded 2026/04/10 12:0 a.m.3 views

Discourse Information Disclosure Vulnerability (CNVD-2026-17249)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . An information disclosure vulnerability exists in Discourse. The vulnerability stems from the fact that an authenticated user can send an...

4.3CVSS5.7AI score0.00048EPSS
Exploits0
EUVD
EUVDadded 2026/03/31 5:41 p.m.1 views

EUVD-2026-17565

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated user can obtain shared draft topic titles by sending an inline onebox request with a categoryid parameter...

4.3CVSS5.8AI score0.00048EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-52175

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00184EPSS
Exploits0References2
NVD
NVDadded 2025/02/04 10:15 p.m.11 views

CVE-2024-53851

Discourse is an open source platform for community discussion. In affected versions the endpoint for generating inline oneboxes for URLs wasn't enforcing limits on the number of URLs that it accepted, allowing a malicious user to inflict denial of service on some parts of the app. This...

6.5CVSS0.00184EPSS
Exploits0References2
OSV
OSVadded 2025/02/04 9:16 p.m.9 views

CVE-2024-53851 Partial denial of service via inline oneboxes in Discourse

Discourse is an open source platform for community discussion. In affected versions the endpoint for generating inline oneboxes for URLs wasn't enforcing limits on the number of URLs that it accepted, allowing a malicious user to inflict denial of service on some parts of the app. This...

4.3CVSS6.2AI score0.00184EPSS
Exploits0References4
CNNVD
CNNVDadded 2025/02/04 12:0 a.m.1 views

Discourse 资源管理错误漏洞

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes community, email, and chat room features. Discourse suffers from a resource management error vulnerability that stems from a URL endpoint that generates an inline onebox without limiting th...

6.5CVSS6.3AI score0.00184EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/02/04 12:0 a.m.1 views

PT-2025-2994 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to the latest stable, beta and tests-passed versions Description: The issue is related to the endpoint for generating inline oneboxes for URLs, which did not enforce limits on the number of URLs accepted, allowing a...

4.3CVSS6.5AI score0.00184EPSS
Exploits0References7
Rows per page
Query Builder