Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
4DescriptionGitHub Advisory
Zulip is an open-source team collaboration tool. Prior to version 11.6, Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, even after spectator access (enable_spectator_access / WEB_PUBLIC_STREAMS_ENABLED) is disabled, attachments originating from web-public streams can still be retrieved anonymously. As a result, file contents remain accessible even after public access is intended to be disabled. Similarly, even after spectator access is disabled, the /users/me/<stream_id>/topics endpoint remains reachable anonymously, allowing retrieval of topic history for web-public streams. This issue has been patched in version 11.6. This issue has been patched in version 11.6.
AnalysisAI
Zulip versions 1.4.0 through 11.5 allow unauthenticated retrieval of attachments and topic history from web-public streams even after spectator access is disabled, due to incomplete access control on attachment serving and the /users/me/<stream_id>/topics endpoint. An attacker can bypass intended access restrictions to read file contents and stream metadata after public access is supposed to be revoked. The vulnerability affects all Zulip deployments that previously enabled spectator access and then disabled it. Vendor-released patch: version 11.6.
Technical ContextAI
Zulip's spectator access feature (enable_spectator_access / WEB_PUBLIC_STREAMS_ENABLED) is designed to allow temporary public visibility of streams and attachments. The vulnerability stems from improper revocation logic in CWE-862 (Missing Authorization): when administrators disable spectator access, the application fails to enforce authentication checks on two critical endpoints - the attachment retrieval mechanism and the /users/me/<stream_id>/topics endpoint. These endpoints retain anonymous accessibility because the application does not verify that the user making the request has legitimate access to the stream in question. The CPE cpe:2.3:a:zulip:zulip:*:*:*:*:*:*:*:* indicates all Zulip product versions are in scope, though the vulnerability manifests only in versions 1.4.0 through 11.5 where this access control logic was first introduced and remained incomplete.
RemediationAI
Vendor-released patch: upgrade to Zulip version 11.6 or later. This version restores proper authentication enforcement on attachment retrieval and the /users/me/<stream_id>/topics endpoint when spectator access is disabled. Administrators should prioritize this upgrade if they have previously used or currently use spectator access features. No interim workaround is documented; the only mitigation prior to patching is to avoid disabling spectator access if public streams must remain confidential, or to prevent unauthorized API access through network-level controls. For more details, see the release notes at https://github.com/zulip/zulip/releases/tag/11.6 and the upstream fix commits at https://github.com/zulip/zulip/commit/3c045414299680b9f5dca7d76cf6cef6121c0236 and https://github.com/zulip/zulip/commit/41e23347b5218b3b0397a55176c7d97396735bae.
Zulip is an open source team chat server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable,
Zulip is an open source team chat tool. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low
Jenkins Zulip Plugin 1.1.0 and earlier stored credentials unencrypted in its global configuration file on the Jenkins ma
Zulip is an open source group chat application. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitab
Path traversal in Zulip's ./manage.py import function allows local attackers to read arbitrary files from the server fil
Zulip is an open-source team collaboration tool. Prior to 12.0, With message_edit_history_visibility_policy set to "move
Zulip is an open source team chat and Zulip Mobile is an app for iOS and Andriod users. Rated medium severity (CVSS 5.7)
Zulip 8.3 is vulnerable to Cross Site Scripting (XSS) via the construct_copy_div function in copy_and_paste.js. Rated me
Zulip 8.3 is vulnerable to Cross Site Scripting (XSS) via the replace_emoji_with_text function in ui_util.ts. Rated medi
Zulip is an open source group chat application that combines real-time chat with threaded conversations. Rated medium se
Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. Rated medium se
Zulip is an open-source team collaboration tool with unique topic-based threading. Rated low severity (CVSS 3.7), this v
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-18835