Discourse authorization issue vulnerability (CNVD-2026-17259)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an authorization issue vulnerability that stems from a category group moderator being able to perform privileged...

CVE-2026-32615

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, category group moderators could perform privileged actions on topics inside private categories they did not have read acce...

CVE-2026-32619

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, users who lost access to a topic e.g., removed from a private category group could still interact with polls in that topic...

QPixel 信息泄露漏洞

QPixel is a Q&A based community knowledge sharing software open source by Codidact. QPixel suffers from an information disclosure vulnerability that stems from the fact that when a category is set to private or limited visibility, suggested edits within this category can still be viewed by...

FreeBSD : mantis -- multiple vulnerabilities (2dc8927b-54e0-11eb-9342-1c697a013f4b)

Mantis 2.24.4 release reports : Security and maintenance release, addressing 6 CVEs : - 0027726: CVE-2020-29603: disclosure of private project name - 0027727: CVE-2020-29605: disclosure of private issue summary - 0027728: CVE-2020-29604: full disclosure of private issue contents, including bugnot...