Description
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the AI "explain" helper only checks can_see? on the post being explained, not its reply_to_post, so any authenticated user with access to the AI helper could read the raw contents of a hidden parent post by invoking "Explain" on a reply to it. This issue has been patched in versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1.
Published: 2026-06-12
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability allows an authenticated user who is permitted to use the AI "explain" helper to read the raw contents of a hidden parent post by requesting an explanation of one of its replies. The helper checks can_see? only on the post being explained and not on its reply_to_post, so the parent's raw text is pulled into the prompt context regardless of whether the requesting user may view it. The result is disclosure of post content that the forum's visibility rules were meant to withhold, classified as CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor).
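As an added illustration (written for this page; it is not Discourse's code and was not part of the original advisory), the stand-alone Ruby model below shows the guard the description refers to: a vulnerable explain-context builder that checks `can_see?` only on the reply, beside a hardened one that applies the same check to `reply_to_post` before including it. The `Post` struct, the `Guardian` class, the `ExplainHelper` module and the "hidden posts are staff-only" visibility rule are all simplifying assumptions made for the example.

```ruby
# Added illustrative example for CVE-2026-44785. Post, Guardian and
# ExplainHelper are simplified stand-ins written for this page, not
# Discourse's own classes.

Post = Struct.new(:id, :raw, :hidden, :reply_to_post, keyword_init: true)

# Assumed visibility rule: hidden posts are readable only by staff.
class Guardian
  def initialize(staff:)
    @staff = staff
  end

  # nil (no parent) is never visible, so callers can pass reply_to_post directly.
  def can_see?(post)
    return false if post.nil?
    @staff || !post.hidden
  end
end

# Builds the text that would be handed to the AI "explain" prompt.
# Both variants return nil when the caller may not see the post itself.
module ExplainHelper
  # Vulnerable variant: only the post being explained is checked, so the
  # parent's raw is included even when the caller cannot see the parent.
  def self.vulnerable_context(guardian, post)
    return nil unless guardian.can_see?(post)
    parent = post.reply_to_post
    {
      post: post.raw,
      reply_to: parent && parent.raw, # leaks a hidden parent to the prompt
    }
  end

  # Hardened variant: the parent is subjected to the same can_see? check
  # and is dropped from the prompt context when the caller may not see it.
  def self.hardened_context(guardian, post)
    return nil unless guardian.can_see?(post)
    parent = post.reply_to_post
    {
      post: post.raw,
      reply_to: guardian.can_see?(parent) ? parent.raw : nil,
    }
  end
end

# Constructed sample data: a hidden parent and a visible reply to it.
HIDDEN_PARENT = Post.new(id: 1, raw: "staff-only draft", hidden: true,
                         reply_to_post: nil)
VISIBLE_REPLY = Post.new(id: 2, raw: "why was this hidden?", hidden: false,
                         reply_to_post: HIDDEN_PARENT)

# Runs the same request as a regular user and as staff against both variants.
def demo
  user = Guardian.new(staff: false)
  staff = Guardian.new(staff: true)
  {
    user_vulnerable: ExplainHelper.vulnerable_context(user, VISIBLE_REPLY),
    user_hardened: ExplainHelper.hardened_context(user, VISIBLE_REPLY),
    staff_hardened: ExplainHelper.hardened_context(staff, VISIBLE_REPLY),
  }
end

if __FILE__ == $PROGRAM_NAME
  demo.each { |label, ctx| puts "#{label}: #{ctx.inspect}" }
end
```

Running the file shows the non-staff user receiving the hidden parent's raw from the vulnerable variant and nil from the hardened one, while staff still get the parent in both. The design point is that every object folded into a prompt context needs the same authorization check as the object the user requested; the prompt is just another read path.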

Affected Systems

Discourse, the open-source discussion platform, is affected. Versions from 2026.1.0-latest up to but not including 2026.1.4, from 2026.3.0-latest up to but not including 2026.3.1, and from 2026.4.0-latest up to but not including 2026.4.1 are vulnerable. The issue was patched in 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1.
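An added triage helper (not OpenCVE's or Discourse's code) that classifies a Discourse version string against the three affected ranges above. It assumes that pre-release suffixes such as "-latest" or "-latest.1" can be dropped before comparison, so "2026.1.0-latest" sorts as 2026.1.0, and that the 2026.5 branch and later carry the fix because 2026.5.0-latest.1 is listed as patched; a version on a branch the advisory does not mention (for example 2026.2.x) is reported as unknown rather than as safe.

```ruby
# Added helper for CVE-2026-44785 (written for this page, not project code).
# Assumption: a "-latest"/"-latest.1" suffix is stripped before comparing,
# so "2026.1.0-latest" is treated as 2026.1.0.

# Each affected branch as [first affected, first fixed), taken from the
# advisory text: 2026.1.x < 2026.1.4, 2026.3.x < 2026.3.1, 2026.4.x < 2026.4.1.
AFFECTED_RANGES = [
  [[2026, 1, 0], [2026, 1, 4]],
  [[2026, 3, 0], [2026, 3, 1]],
  [[2026, 4, 0], [2026, 4, 1]],
].freeze

# First branch the advisory lists as fixed without an affected predecessor.
FIXED_FROM = [2026, 5, 0].freeze

# "2026.4.0-latest" -> [2026, 4, 0]; raises on anything that is not X.Y.Z.
def parse_version(str)
  core = str.split("-", 2).first
  parts = core.split(".").map { |p| Integer(p, 10) }
  raise ArgumentError, "unexpected version format: #{str.inspect}" unless parts.size == 3
  parts
end

# Returns :affected, :fixed or :unknown.
# :unknown means the version sits on a branch the advisory does not describe
# and must be checked against the vendor rather than assumed safe.
def cve_2026_44785_status(str)
  v = parse_version(str)
  AFFECTED_RANGES.each do |lo, hi|
    next unless v[0] == lo[0] && v[1] == lo[1] # same year.minor branch
    return ((v <=> lo) >= 0 && (v <=> hi) < 0) ? :affected : :fixed
  end
  (v <=> FIXED_FROM) >= 0 ? :fixed : :unknown
end

if __FILE__ == $PROGRAM_NAME
  %w[2026.1.0-latest 2026.1.4 2026.2.0 2026.3.0-latest 2026.4.1 2026.5.0-latest.1].each do |ver|
    puts "#{ver}: #{cve_2026_44785_status(ver)}"
  end
end
```

Feed it the version reported by your instance's admin dashboard; anything other than :fixed should be scheduled for upgrade or, until then, have the AI helper restricted as recommended below.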

Risk and Exploitability

The risk is moderate: the CVSS 3.1 score is 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) and the EPSS is below 1%, indicating a low estimated likelihood of exploitation in the wild. Exploitation requires an authenticated account that is allowed to use the AI explain helper (PR:L); no action by any other user is needed (UI:N), since the attacker simply invokes "Explain" on a reply whose parent is hidden. The vulnerability is not listed in the CISA KEV catalog, so no large-scale exploitation is currently known. The impact is confidentiality only, but it can be significant where hidden posts hold moderated or sensitive content.

Generated by OpenCVE AI on June 12, 2026 at 22:29 UTC.

Remediation

No vendor advisory is linked on this page. The CVE description lists the fixed releases as 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1.

OpenCVE Recommended Actions

  • Upgrade to the patched release for the branch you run: 2026.1.4, 2026.3.1, 2026.4.1, or 2026.5.0-latest.1 and later
  • If an upgrade is not immediately possible, disable the AI explain helper, or restrict it to groups that are already allowed to view hidden posts (such as staff), so that no user can reach hidden content through it
  • After upgrading, review which groups may trigger the AI helper and keep that set as small as the forum's use of the feature allows

Generated by OpenCVE AI on June 12, 2026 at 22:29 UTC.

Advisories

No advisories yet.

History

Fri, 12 Jun 2026 22:45:00 +0000

Type: First Time appeared
Values Removed: none
Values Added: Discourse; Discourse discourse

Type: Vendors & Products
Values Removed: none
Values Added: Discourse; Discourse discourse

Fri, 12 Jun 2026 21:00:00 +0000

Values Removed: none

Description (added): Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the AI "explain" helper only checks can_see? on the post being explained, not its reply_to_post, so any authenticated user with access to the AI helper could read the raw contents of a hidden parent post by invoking "Explain" on a reply to it. This issue has been patched in versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1.

Title (added): Discourse: Hidden reply-to post raw can be disclosed through AI explain prompts

Weaknesses (added): CWE-200

References (added): none listed

Metrics (added): cvssV3_1, score 4.3, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-12T20:24:39.155Z

Reserved: 2026-05-07T19:20:44.691Z

Link: CVE-2026-44785

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-12T21:16:22.180

Modified: 2026-06-12T21:16:22.180

Link: CVE-2026-44785

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-12T22:30:08Z

Weaknesses
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor