CVE-2026-27150 | Discourse up to 2025.12.1/2026.1.0 validate_before_create authorization

A vulnerability, which was classified as critical, was found in Discourse up to 2025.12.1/2026.1.0. Impacted is the function validate_before_create. Such manipulation leads to missing authorization.

This vulnerability is documented as CVE-2026-27150. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More