Lucene search
K

4 matches found

NVD
NVD
added 2026/06/12 9:16 p.m.16 views

CVE-2026-45085

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, four authorization/disclosure issues in the chat plugin one also involving discourse-calendar: read-only category users...

5.3CVSS0.00204EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 8:25 p.m.8 views

CVE-2026-45085 Discourse: Chat misauthorization and information disclosure

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, four authorization/disclosure issues in the chat plugin one also involving discourse-calendar: read-only category users...

5.3CVSS5.2AI score0.00204EPSS
Exploits0References1
OSV
OSV
added 2026/03/27 7:11 a.m.4 views

BIT-DISCOURSE-2026-33410 Discourse hardens chat DM channel creation and expansion

Discourse is an open-source discussion platform. Versions prior to 2026.3.0, 2026.2.1, and 2026.1.2 have two authorization issues in the chat direct message API. First, when creating a direct message channel or adding users to an existing one, the targetgroups parameter was passed directly to the...

5.4CVSS5.9AI score0.00156EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/19 9:57 p.m.4 views

CVE-2026-33410

Discourse is an open-source discussion platform. Versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 have two authorization issues in the chat direct message API. First, when creating a direct message channel or adding users to an existing one, the targetgroups parameter was passed direct...

5.4CVSS5.8AI score0.00156EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder