CVE-2026-27153 | Discourse up to 2025.12.1/2026.1.0 CSV Export Endpoint authorization (GHSA-5cp2-jq8m-33mf)

Inserito da Angelo Barbosa | Feb 27, 2026 | CVE

A vulnerability was found in Discourse up to 2025.12.1/2026.1.0. It has been rated as problematic. This affects an unknown part of the component CSV Export Endpoint. Performing a manipulation results in incorrect authorization.

This vulnerability is known as CVE-2026-27153. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-27153 | Discourse up to 2025.12.1/2026.1.0 CSV Export Endpoint authorization (GHSA-5cp2-jq8m-33mf)

Post correlati

CVE-2024-5767 | WP-FeedStats sitetweet Plugin up to 0.2 on WordPress cross site scripting

Phoenix SecureCore Technology 4 SPI Flash access control

CVE-2026-22637 | SICK Incoming Goods Suite up to 1.2.0 cross site scripting

CVE-2025-5592 | FreeFloat FTP Server 1.0 PASSIVE Command buffer overflow