Path traversal in Discourse - CVE-2026-45775


Published: July 1, 2026


Vulnerability identifier: #VU136585
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-45775
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Civilized Discourse Construction Kit, Inc.
Affected software:
Discourse

Detailed vulnerability description

The vulnerability allows a remote user to disclose sensitive backup information.

The vulnerability exists due to a path traversal flaw in backup download handling. When a multisite deployment that stores backups locally processes a crafted backup download request, the requested path is not confined to the intended backup directory. A remote user with high privileges can send such a request to disclose sensitive backup information.

Only multisite deployments using local backup storage are affected. Deployments using S3 backup storage are not affected.
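As an added illustration of the defensive check that a backup download handler in a Rails application such as Discourse needs, the Ruby below is not Discourse's code and does not describe the actual flaw. It assumes a hypothetical layout in which each site of a multisite deployment keeps local backups under `<backup_root>/<site_db_name>/` and a download request names one file. The check rejects separators, `.` and `..` in the requested name, and then confirms the canonical (symlink-resolved) file still lies under the canonical per-site directory; `resolve_backup_path`, `backup_download_allowed?` and `demo_backup_checks` are names chosen for this example.

```ruby
require "pathname"
require "fileutils"
require "tmpdir"

# Added illustrative example, not Discourse's code. Assumption: each site of a
# multisite deployment stores local backups under <backup_root>/<site_db_name>/.

class BackupPathError < StandardError; end

SITE_NAME_RE = /\A[a-z0-9_]+\z/

# Resolve `filename` inside the per-site backup directory and return its
# absolute canonical path. Raises BackupPathError for any request that would
# leave that directory, and Errno::ENOENT if the backup does not exist.
def resolve_backup_path(backup_root, site_db, filename)
  raise BackupPathError, "invalid site name" unless site_db.to_s.match?(SITE_NAME_RE)
  name = filename.to_s
  # A backup is addressed by a single path component: no separators, no NUL,
  # no "." or "..". Apply this to the decoded value the framework hands over.
  if name.empty? || name.include?("\0") || name.match?(%r{[/\\]}) || name == "." || name == ".."
    raise BackupPathError, "invalid filename"
  end

  site_dir = Pathname.new(backup_root).join(site_db)
  real_dir = site_dir.realpath              # canonical directory, symlinks resolved
  real_file = site_dir.join(name).realpath  # follows a planted symlink as well
  # Defence in depth: after the character checks, confirm the canonical file
  # really sits under the canonical site directory.
  unless real_file.to_s.start_with?(real_dir.to_s + File::SEPARATOR)
    raise BackupPathError, "path escapes backup directory"
  end
  real_file.to_s
end

# Controller-style wrapper: true only if the download may be served.
def backup_download_allowed?(backup_root, site_db, filename)
  resolve_backup_path(backup_root, site_db, filename)
  true
rescue BackupPathError, Errno::ENOENT
  false
end

# Build a constructed two-site backup tree in a temporary directory and run the
# check against several requests. Returns a hash of request label => allowed?.
def demo_backup_checks
  Dir.mktmpdir do |root|
    FileUtils.mkdir_p(File.join(root, "site_a"))
    FileUtils.mkdir_p(File.join(root, "site_b"))
    File.write(File.join(root, "site_a", "a-2026-07-01.tar.gz"), "site a backup (constructed)")
    File.write(File.join(root, "site_b", "b-2026-07-01.tar.gz"), "site b backup (constructed)")
    # A symlink inside site_a that points at site_b's backup; the realpath
    # comparison is what catches this case.
    File.symlink(File.join(root, "site_b", "b-2026-07-01.tar.gz"),
                 File.join(root, "site_a", "link.tar.gz"))
    results = {
      "own backup"        => backup_download_allowed?(root, "site_a", "a-2026-07-01.tar.gz"),
      "dot-dot traversal" => backup_download_allowed?(root, "site_a", "../site_b/b-2026-07-01.tar.gz"),
      "backslash"         => backup_download_allowed?(root, "site_a", "..\\site_b\\b-2026-07-01.tar.gz"),
      "symlink out"       => backup_download_allowed?(root, "site_a", "link.tar.gz"),
      "missing file"      => backup_download_allowed?(root, "site_a", "nope.tar.gz"),
      "bad site name"     => backup_download_allowed?(root, "../site_b", "b-2026-07-01.tar.gz"),
    }
    results
  end
end

if __FILE__ == $0
  demo_backup_checks.each { |label, ok| puts "#{label.ljust(18)} #{ok ? 'allowed' : 'denied'}" }
end
```

The character-level rejection alone is not enough on its own: a symlink or a pre-existing hard link inside the site directory can still point elsewhere, which is why the canonical-path comparison is kept as a second, independent check. Run the file directly to see each constructed request reported as allowed or denied.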


How to mitigate CVE-2026-45775

Install the security update from the vendor's website.

Sources