CVE-2026-32951 | Discourse up to 2026.1.2/2026.2.1 Parameter category_id information disclosure

A vulnerability categorized as problematic has been discovered in Discourse up to 2026.1.2/2026.2.1. Affected is an unknown function of the component Parameter Handler. The manipulation of the argument category_id results in information disclosure.

This vulnerability is cataloged as CVE-2026-32951. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More