Exposure of Discourse

Message boards

83

exposure score

2,494

sites use

0

exploited

2

critical

CVEs

248 results

CVE-2026-27151LOWDiscourse doesn't validate destination topic when moving postsEPSS 0.2%CVE-2026-32615MEDIUMDiscourse: Category group moderators can perform actions on topics in restricted categories without read accessEPSS 0.2%CVE-2026-27150LOWDiscourse doesn't ensure guardian check when creating QueryGroupBookmarkEPSS 0.2%CVE-2026-26973MEDIUMDiscourse doesn't scope reviewable notes to user-visible reviewablesEPSS 0.2%CVE-2026-26207MEDIUMDIscourse's discourse-policy plugin lacks post access checkEPSS 0.2%CVE-2026-28218MEDIUMDiscourse's Fail-Open Access Control in Data Explorer Plugin Allows Unauthorized SQL Query ExecutionEPSS 0.2%CVE-2026-44783MEDIUMDiscourse: Replying to a whisper lets non-whisperers create staff-only whisper postsEPSS 0.1%CVE-2025-68933MEDIUMDiscourse non-admin moderators can exfiltrate private content via post ownership transferEPSS 0.1%

← previouspage 13 / 13next →

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →