Skip to main content

OpenLearn CVE-2026-41243

| EUVDEUVD-2026-25164 MEDIUM
Improper Access Control (CWE-284)
2026-04-23 GitHub_M
6.9
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
6.9 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

7
Patch released
Apr 29, 2026 - 15:39 nvd
Patch available
Analysis Generated
Apr 23, 2026 - 07:02 vuln.today
Patch available
Apr 23, 2026 - 06:16 EUVD
CVSS changed
Apr 23, 2026 - 02:35 NVD
6.9 (MEDIUM)
EUVD ID Assigned
Apr 23, 2026 - 01:15 euvd
EUVD-2026-25164
Analysis Generated
Apr 23, 2026 - 01:15 vuln.today
CVE Published
Apr 23, 2026 - 00:09 nvd
MEDIUM 6.9

DescriptionGitHub Advisory

OpenLearn is open-source educational forum software. Prior to commit 844b2a40a69d0c4911580fe501923f0b391313ab, when safeMode is enabled, unapproved forum posts are hidden from the public list, but the direct post-read procedure still returns the full post to anyone with the post UUID. Commit 844b2a40a69d0c4911580fe501923f0b391313ab fixes the issue.

AnalysisAI

OpenLearn forum software with safeMode enabled allows unauthenticated attackers to bypass post approval restrictions and read unpublished content directly via post UUID, bypassing the public forum list filtering. The vulnerability affects all versions prior to commit 844b2a40a69d0c4911580fe501923f0b391313ab and is remotely exploitable without authentication or user interaction. A vendor patch is available.

Technical ContextAI

OpenLearn implements a safeMode feature intended to hide unapproved forum posts from public enumeration by filtering them from the forum post list. However, the application's direct post-read procedure does not enforce the same approval status checks, allowing an attacker who knows or enumerates a post UUID to retrieve the full unpublished post content regardless of approval state. This is a classic authorization bypass vulnerability (CWE-284: Improper Access Control) where the access control policy is incompletely enforced across different API endpoints. The vulnerability exists in the post retrieval logic which fails to validate safeMode approval state when serving content via direct UUID lookups rather than list queries.

RemediationAI

Update OpenLearn to a version incorporating commit 844b2a40a69d0c4911580fe501923f0b391313ab or later. The patch is available at https://github.com/siemvk/OpenLearn/commit/844b2a40a69d0c4911580fe501923f0b391313ab. If immediate patching is not possible, implement access control enforcement at the application level by adding safeMode approval status validation to the direct post-read endpoint, ensuring unapproved posts return authorization errors rather than full content. Additionally, implement rate limiting on post UUID enumeration attempts and consider logging UUID lookups for audit purposes. Deployments relying on safeMode for compliance should prioritize this patch to prevent unauthorized access to moderation-pending content.

Share

CVE-2026-41243 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy