CVE-2025-68660
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-28

Last updated on: 2026-01-30

Assigner: GitHub, Inc.

Description
Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, an endpoint lets any authenticated user bypass the ai_discover_persona access controls and gain ongoing DM access to personas that may be wired to staff-only categories, RAG document sets, or automated tooling, enabling unauthorized data disclosure. Because the controller also accepts arbitrary user_id, an attacker can impersonate other accounts to trigger unwanted AI conversations on their behalf, generating confusing or abusive PM traffic. This issue is patched in versions 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0. No known workarounds are available.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-28
Last Modified
2026-01-30
Generated
2026-06-16
AI Q&A
2026-01-29
EPSS Evaluated
2026-06-14
NVD
CVE-2025-68660
EUVD
EUVD-2025-206452
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
discourse discourse to 3.5.4 (exc)
discourse discourse From 2025.11.0 (inc) to 2025.11.2 (exc)
discourse discourse 2025.12.0
discourse discourse 2026.1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in Discourse allows any authenticated user to bypass access controls on the ai_discover_persona endpoint. This lets them gain ongoing direct message access to personas that may be linked to staff-only categories, restricted document sets, or automated tools, leading to unauthorized data disclosure. Additionally, because the endpoint accepts arbitrary user IDs, an attacker can impersonate other accounts to trigger unwanted AI conversations on their behalf, causing confusing or abusive private message traffic. The issue is fixed in versions 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0.

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information by allowing attackers to access staff-only personas and restricted data. It also enables attackers to impersonate other users to generate unwanted or abusive AI-driven private messages, potentially disrupting communication and trust within the platform.

Mitigation Strategies

Upgrade Discourse to version 3.5.4, 2025.11.2, 2025.12.1, or 2026.1.0, as these versions contain the patch that fixes this vulnerability. No known workarounds are available.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68660. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart