Vulnerabilities

CVE-2026-30889

by Fred · 20/03/2026

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, a moderator could exploit insufficient authorization checks to access metadata of posts they should not have permission to view. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a patch.

More information : https://github.com/discourse/discourse/security/advisories/GHSA-5qm9-r98f-g4mq

Similar

Tags: Cybersecurity Alert