Skip to main content

Discourse CVE-2026-55420

| EUVDEUVD-2026-42665 HIGH
OS Command Injection (CWE-78)
2026-07-09 security-advisories@github.com
8.1
CVSS 3.1 · NVD
Share

Severity by source

Vendor (github) PRIMARY
HIGH
qualitative
NVD
8.1 HIGH
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
7.5 HIGH

Network-delivered upload (AV:N) but requires the non-default discourse-ai PDF/vision config (AC:H) and normally a logged-in uploader (PR:L); delegate RCE yields full host impact (C/I/A:H).

3.1 AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (github).

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

7
Analysis Updated
Jul 13, 2026 - 14:45 vuln.today
v3 (cvss_changed)
Source Code Evidence Fetched
Jul 13, 2026 - 14:45 vuln.today
Analysis Updated
Jul 13, 2026 - 14:45 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jul 13, 2026 - 14:37 vuln.today
cvss_changed
CVSS changed
Jul 13, 2026 - 14:37 NVD
7.5 (HIGH) 8.1 (HIGH)
Patch available
Jul 09, 2026 - 19:01 EUVD
Analysis Generated
Jul 09, 2026 - 18:31 vuln.today

DescriptionNVD

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, under certain non-default configurations, processing of PDF uploads could be exploited to obtain RCE on the server. This issue is patched in 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.

AnalysisAI

Remote code execution in Discourse (via the discourse-ai plugin's PDF-to-text feature) allows an attacker who can upload a crafted PDF to run arbitrary commands on the server, but only in non-default configurations where an LLM vision model is configured. The flaw is a CWE-78 OS command injection reached when uploaded PDFs are rasterized through ImageMagick, which in turn invokes an external delegate (Ghostscript) on attacker-controlled input. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate and gain upload rights
Delivery
Upload crafted PDF with PostScript payload
Exploit
discourse-ai rasterizes PDF via ImageMagick
Execution
ImageMagick invokes Ghostscript delegate on payload
Persist
Shell commands execute
Impact
RCE as Discourse server process

Vulnerability AssessmentAI

Exploitation Exploitation requires a non-default deployment: the discourse-ai plugin must be installed and enabled with an LLM/vision model configured, since the vulnerable ImageMagick rasterization branch in pdf_to_text.rb only runs when @llm_model is set - plain instances that only extract PDF text never reach it. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are mixed and point to a real-but-conditional risk rather than a mass-exploitation event. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario On a Discourse instance running discourse-ai with a configured LLM vision model, an attacker with upload rights posts a specially crafted PDF; when the AI pipeline rasterizes it via ImageMagick, the embedded PostScript/delegate payload executes shell commands on the server, giving code execution as the Discourse process. No public exploit is identified at time of analysis, though the ImageMagick/Ghostscript delegate technique is well documented; AC:H reflects that the target must have the non-default AI PDF configuration enabled.
Remediation Vendor-released patch: upgrade to 2026.6.0, 2026.5.1, 2026.4.2, or 2026.1.5 (whichever matches your release train), per advisory GHSA-7wq5-jgww-5rw3 and the release tags at https://github.com/discourse/discourse/releases; the underlying change is commit ca5a7e06167561928556afa2f237d67e459c6914. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, inventory all Discourse deployments and determine whether the discourse-ai plugin's LLM vision model features are currently enabled; if enabled, prioritize patching immediately per vendor advisory. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2025-48954 HIGH POC
8.1 Jun 25

Discourse versions prior to 3.5.0.beta6 contain a reflected cross-site scripting (XSS) vulnerability in social login fun

CVE-2024-47773 HIGH POC
8.2 Oct 08

Discourse is an open source platform for community discussion. Rated high severity (CVSS 8.2), this vulnerability is rem

CVE-2021-3138 HIGH POC
7.5 Jan 14

In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypass of the 2FA requirement for certain forms. Rated

CVE-2023-38706 MEDIUM POC
6.5 Sep 15

Discourse is an open-source discussion platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploi

CVE-2024-53991 MEDIUM POC
5.9 Dec 19

Discourse is an open source platform for community discussion. Rated medium severity (CVSS 5.9), this vulnerability is r

CVE-2025-48877 CRITICAL
9.8 Jun 09

Discourse versions prior to 3.4.4 (stable), 3.5.0.beta5 (beta), and 3.5.0.beta6-dev (tests-passed) contain a critical vu

CVE-2023-47121 CRITICAL
9.8 Nov 10

Discourse is an open source platform for community discussion. Rated critical severity (CVSS 9.8), this vulnerability is

CVE-2021-41163 CRITICAL
9.8 Oct 20

Discourse is an open source platform for community discussion. Rated critical severity (CVSS 9.8), this vulnerability is

CVE-2024-49765 CRITICAL
9.1 Dec 19

Discourse is an open source platform for community discussion. Rated critical severity (CVSS 9.1), this vulnerability is

CVE-2026-53963 CRITICAL
9.0 Jul 09

Stored cross-site scripting in the Discourse discussion platform allows a low-privileged registered user to set a malici

CVE-2022-39356 HIGH
8.8 Nov 02

Discourse is a platform for community discussion. Rated high severity (CVSS 8.8), this vulnerability is remotely exploit

CVE-2026-27934 HIGH
8.7 Mar 19

Unauthorized information disclosure in Discourse discussion platform versions prior to 2026.3.0-latest.1, 2026.2.1, and

Share

CVE-2026-55420 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy