CVE-2026-27021 | Discourse up to 2025.12.1/2026.1.0 Voters Endpoint authorization

Inserito da Angelo Barbosa | Feb 26, 2026 | CVE

A vulnerability was found in Discourse up to 2025.12.1/2026.1.0. It has been declared as problematic. This impacts an unknown function of the component Voters Endpoint. The manipulation results in missing authorization.

This vulnerability is known as CVE-2026-27021. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-27021 | Discourse up to 2025.12.1/2026.1.0 Voters Endpoint authorization

Post correlati

CVE-2024-49142 | Microsoft Access use after free

CVE-2024-34413 | SliceWP Plugin up to 1.1.10 on WordPress cross site scripting

CVE-2023-49028 | smpn1smg absis up to 2017-10-19 lock/lock.php user cross site scripting

CVE-2024-38786 | BurgerThemes CoziPress Plugin up to 1.0.30 on WordPress cross site scripting