Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/06/12 8:23 p.m.7 views

CVE-2026-44782 Discourse: GroupPostSerializer leaks hidden full names through reaction post association

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, GroupPostSerializer declared includeuserlongname? as the predicate for its :name attribute, but AMS looks for includename?...

4.3CVSS5.2AI score0.00189EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 8:23 p.m.30 views

CVE-2026-44782 Discourse: GroupPostSerializer leaks hidden full names through reaction post association

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, GroupPostSerializer declared includeuserlongname? as the predicate for its :name attribute, but AMS looks for includename?...

4.3CVSS0.00189EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 8:23 p.m.10 views

EUVD-2026-36585

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, GroupPostSerializer declared includeuserlongname? as the predicate for its :name attribute, but AMS looks for includename?...

4.3CVSS5.3AI score0.00189EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 8:23 p.m.18 views

CVE-2026-44782

Discourse (open-source) is affected. In versions 2026.1.0-latest–2026.1.3.x, 2026.3.0-latest–2026.3.0.x, and 2026.4.0-latest–2026.4.0.x, GroupPostSerializer used include_user_long_name? as the predicate for the :name attribute. AMS checks for include_name?, but the misnamed predicate was never in...

4.3CVSS5.3AI score0.00189EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.18 views

PT-2026-48979

Name of the Vulnerable Software and Affected Versions Discourse versions 2026.1.0 through 2026.1.3 Discourse versions 2026.3.0 Discourse versions 2026.4.0 Description An issue exists in the GroupPostSerializer where the predicate for the :name attribute was incorrectly declared as include user lo...

4.3CVSS5.2AI score0.00189EPSS
Exploits0References5
Rows per page
Query Builder