CVE-2025-68934
BaseFortify
Publication date: 2026-01-28
Last updated on: 2026-01-30
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| discourse | discourse | Up to 3.5.4 (exc) |
| discourse | discourse | From 2025.11.0 (inc) to 2025.11.2 (exc) |
| discourse | discourse | 2025.12.0 |
| discourse | discourse | 2026.1.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-770 | The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Discourse allows authenticated users to submit specially crafted payloads to the /drafts.json endpoint, which triggers O(n^2) processing in the Base62.decode function. A single request can tie up a worker for 35-60 seconds, exhausting the shared worker pool and affecting all users.
How can this vulnerability impact me?
The vulnerability can cause denial of service by exhausting the shared worker pool, leading to degraded performance or unavailability of the Discourse platform for all users during the attack.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Discourse to one of the patched versions: 3.5.4, 2025.11.2, 2025.12.1, or 2026.1.0. As a temporary measure, lowering the max_draft_length site setting can reduce the attack surface, but it does not fully mitigate the issue.