This vulnerability allows anonymous or unprivileged users to view content that has been removed, because the system continues to serve stale AI summaries that were cached before the deletion. The problem exists in Discourse versions before 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1. The affected condition provides an information disclosure of content that should no longer be visible, mapping to CWE‑200, CWE‑524, CWE‑672 and NVD‑CWE‑noinfo.

The issue affects installations of the Discourse open‑source discussion platform, specifically versions prior to 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1. Those running earlier builds are susceptible; up‑to‑date releases contain the fix.

The CVSS score of 5.3 indicates moderate severity; the EPSS score of 0.00039 indicates a very low probability of exploitation, suggesting no known exploit activity to date, and the vulnerability is not listed in CISA’s KEV catalog. Likely exploitation requires access to the AI summary endpoint, which any authenticated or anonymous user can reach; therefore, the attack vector is inferred to be a web request to the summary API. Attackers can then read the cached summary that contains the removed content. Because the flaw persists until the summary is regenerated, the exposure can last for an arbitrary period.