Discourse

Security Scorecard

Score

100A

Total CVEs

10

Patch Rate

90%

9 patched

Avg Response

-

days to patch

Critical Gaps

0

exploitable, no detection

Severity Breakdown

Critical0
High1
Medium9
Low0

Patch Status

Patched9 (90%)
Partial/Workaround1 (10%)
Unpatched0 (0%)

CVEs (10)

CVE IDTitleSeverityScoreDaysPatch
CVE-2025-66488Discourse S3 Upload VulnerabilityMedium4.6-Patched
CVE-2025-67723Discourse Math Plugin XSSMedium4.6-Patched
CVE-2025-68659Discourse Denial of Service VulnerabilityMedium4.3-Patched
CVE-2025-68662Discourse SSRF BypassHigh7.6-Patched
CVE-2025-68933Discourse Server Privilege EscalationMedium6.9-Patched
CVE-2025-68934Discourse Discussion Platform VulnerabilityMedium6.5-Patched
CVE-2026-24742Discourse Staff Action Log BypassMedium6.5-Patched
CVE-2025-61598-Medium5.3-Patched
CVE-2025-59337-Medium6.8-Partial
CVE-2025-58055-Medium4.3-Patched