A vulnerability, which was classified as problematic, was found in Discourse up to 2026.1.4/2026.4.1/2026.5.0. Affected by this vulnerability is an unknown functionality of the component Tag Management. Executing a manipulation can lead to improper authorization.

The identification of this vulnerability is CVE-2026-49256. The attack may be launched remotely. There is no exploit available.