CVE-2025-68660
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-68660, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-01-28

Last updated on: 2026-01-30

Assigner: GitHub, Inc.

Description

Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, an endpoint lets any authenticated user bypass the ai_discover_persona access controls and gain ongoing DM access to personas that may be wired to staff-only categories, RAG document sets, or automated tooling, enabling unauthorized data disclosure. Because the controller also accepts arbitrary user_id, an attacker can impersonate other accounts to trigger unwanted AI conversations on their behalf, generating confusing or abusive PM traffic. This issue is patched in versions 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0. No known workarounds are available.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-01-28
Last Modified
2026-01-30
Generated
2026-07-06
AI Q&A
2026-01-29
EPSS Evaluated
2026-07-04
NVD
EUVD

Affected Vendors & Products

Showing 4 associated CPEs
Vendor Product Version / Range
discourse discourse to 3.5.4 (exc)
discourse discourse From 2025.11.0 (inc) to 2025.11.2 (exc)
discourse discourse 2025.12.0
discourse discourse 2026.1.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in Discourse allows any authenticated user to bypass access controls on the ai_discover_persona endpoint. This lets them gain ongoing direct message access to personas that may be linked to staff-only categories, restricted document sets, or automated tools, leading to unauthorized data disclosure. Additionally, because the endpoint accepts arbitrary user IDs, an attacker can impersonate other accounts to trigger unwanted AI conversations on their behalf, causing confusing or abusive private message traffic. The issue is fixed in versions 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0.

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information by allowing attackers to access staff-only personas and restricted data. It also enables attackers to impersonate other users to generate unwanted or abusive AI-driven private messages, potentially disrupting communication and trust within the platform.

Mitigation Strategies

Upgrade Discourse to version 3.5.4, 2025.11.2, 2025.12.1, or 2026.1.0, as these versions contain the patch that fixes this vulnerability. No known workarounds are available.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68660. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart