CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

8 matches found

OSV•added 2026/04/08 2:45 p.m.•2 views

BIT-DISCOURSE-2026-34947 Discourse: Staged user custom fields are exposed on public invite pages

Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.3,and 2026.2.0 to before 2026.2.2, staged user custom fields and username are exposed on public invite pages without email verification. This issue has been patched in versions 2026.1.3 and 2026.2.2...

6.9CVSS5.7AI score0.00054EPSS

Exploits0References2

RedhatCVE•added 2026/04/04 10:54 p.m.•1 views

CVE-2026-34947

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, staged user custom fields and username are exposed on public invite pages without email verification. This issue has been...

6.9CVSS5.8AI score0.00054EPSS

Exploits0References1

NVD•added 2026/04/03 10:16 p.m.•3 views

CVE-2026-34947

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, staged user custom fields and username are exposed on public invite pages without email verification. This issue has been...

6.9CVSS0.00054EPSS

Exploits0References1

Vulnrichment•added 2026/04/03 9:27 p.m.•2 views

CVE-2026-34947 Discourse: Staged user custom fields are exposed on public invite pages

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, staged user custom fields and username are exposed on public invite pages without email verification. This issue has been...

6.9CVSS5.8AI score0.00054EPSS

Exploits0References1

CVE•added 2026/04/03 9:27 p.m.•4 views

CVE-2026-34947

CVE-2026-34947 affects Discourse. Versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0 expose staged user custom fields and username on public invite pages without email verification. The issue has been patched in 2026.1.3, 2026.2...

6.9CVSS5.8AI score0.00054EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/04/03 9:27 p.m.•18 views

CVE-2026-34947 Discourse: Staged user custom fields are exposed on public invite pages

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, staged user custom fields and username are exposed on public invite pages without email verification. This issue has been...

6.9CVSS0.00054EPSS

Exploits0References1

ATTACKERKB•added 2026/04/03 9:27 p.m.•0 views

CVE-2026-34947

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, staged user custom fields and username are exposed on public invite pages without email verification. This issue has been...

6.9CVSS5.8AI score0.00054EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2026/04/03 12:0 a.m.•1 views

PT-2026-30244

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, staged user custom fields and username are exposed on public invite pages without email verification. This issue has been...

6.9CVSS5.8AI score0.00054EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by