Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| discourse | discourse | affected |
|
Configuration 1 [-]
|
No data.
| Vendor | Product | Confidence | Versions | ||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Discourse | Discourse | 100% |
|
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Mon, 01 Jun 2026 14:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | NVD-CWE-noinfo | |
| CPEs | cpe:2.3:a:discourse:discourse:*:*:*:*:latest:*:*:* cpe:2.3:a:discourse:discourse:2026.5.0:*:*:*:latest:*:*:* |
Tue, 19 May 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 19 May 2026 01:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Discourse
Discourse discourse |
|
| Vendors & Products |
Discourse
Discourse discourse |
Tue, 19 May 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in versions 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1. To work around this issue, restrict summary generation by tightening the allowed groups on the summarization Personas. | |
| Title | Discourse: Cached outdated summaries can leak removed content | |
| Weaknesses | CWE-200 CWE-524 CWE-672 |
|
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-05-19T16:27:05.119Z
Reserved: 2026-03-11T14:47:05.685Z
Link: CVE-2026-32244
Vulnrichment
Updated: 2026-05-19T16:27:01.118Z
NVD
Status : Analyzed
Published: 2026-05-19T00:16:37.100
Modified: 2026-06-17T10:35:25.030
Link: CVE-2026-32244
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-01T16:00:17Z