Discourse

215 tracked vulnerabilities.

CVE-2025-68662 HIGH
Discourse <3.5.4, <2025.11.2, <2025.12.1, <2026.1.0 - Auth Bypass
Jan 28, 2026
CVSS 7.6
EPSS 0.00
CVE-2025-68660 MEDIUM
Discourse <3.5.4,2025.11.2,2025.12.1,2026.1.0 - Auth Bypass
Jan 28, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-68659 MEDIUM
Discourse <3.5.4,2025.11.2,2025.12.1,2026.1.0 - DoS
Jan 28, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-68479 HIGH
Discourse < 3.5.4 - Missing Authorization
Jan 28, 2026
CVSS 7.1
EPSS 0.00
CVE-2025-67723 MEDIUM
Discourse < 3.5.4 - XSS
Jan 28, 2026
CVSS 4.6
EPSS 0.00
CVE-2025-66488 MEDIUM
Discourse <3.5.4-2026.1.0 - Info Disclosure
Jan 28, 2026
CVSS 4.6
EPSS 0.00
CVE-2025-64528 MEDIUM
Discourse <3.5.3, <2025.11.1, <2025.12.0 - Info Disclosure
Dec 30, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-61598 MEDIUM
Discourse <3.6.2-3.6.0.beta2 - Info Disclosure
Oct 28, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-59337 MEDIUM
Discourse < 3.5.1 - Command Injection
Oct 01, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-58055 MEDIUM
Discourse < 3.5.1 - Improper Access Control
Oct 01, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-58054 LOW
Discourse < 3.5.0 - Basic XSS
Oct 01, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-54411 MEDIUM
Discourse < 3.5.0 - XSS
Aug 19, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-53102 CRITICAL
Discourse <3.4.7-3.5.0.beta.8 - Info Disclosure
Jul 29, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-49845 HIGH
Discourse < 3.4.6 - Information Disclosure
Jun 25, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-48954 HIGHNUCLEI
Discourse <3.5.0.beta6 - XSS
Jun 25, 2025
CVSS 8.1
EPSS 0.16
CVE-2025-48877 CRITICAL
Discourse <3.4.4-3.5.0.beta5-3.5.0.beta6-dev - XSS
Jun 09, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-48062 HIGH
Discourse <3.4.4, <3.5.0.beta5, <3.5.0.beta6-dev - XSS
Jun 09, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-48053 HIGH
Discourse < 3.4.4 - Denial of Service
Jun 09, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-46813 MEDIUM
Discourse - Info Disclosure
May 05, 2025
CVSS 5.8
EPSS 0.00
CVE-2025-32376 MEDIUM
Discourse < 3.4.3 - Improper Access Control
Apr 30, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24972 MEDIUM
Discourse <3.3.4, <3.4.0.beta5 - Info Disclosure
Mar 26, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24808 MEDIUM
Discourse < 3.3.3 - Race Condition
Mar 26, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-53994 MEDIUM
Discourse - Info Disclosure
Feb 04, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-53851 MEDIUM
Discourse - DoS
Feb 04, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-53266 MEDIUM
Discourse < 3.3.3 - XSS
Feb 04, 2025
CVSS 4.3
EPSS 0.00
Products
discourse 188 calendar 4 discourse_calendar 3 discourse-chat 3 discourse_reactions 2 discourse_footnote 1 discourse_jira 1 discourse_yearly_review 1 group_membership_ip_blocks 1 mermaid 1 message_bus 1 microsoft_authentication 1 patreon 1 rails_multisite 1 ai 1 reactions 1 assign 1 discotoc 1 discourse_bbcode 1 discourse-encrypt 1
Quick Filters
Critical CVEs With Exploits In CISA KEV