CVE-2026-32244 Overview
CVE-2026-32244 is an information disclosure vulnerability in Discourse, an open-source discussion platform. The flaw allows outdated cached AI summaries to expose removed content to anonymous and unprivileged users who lack permission to regenerate summaries. The issue is classified under CWE-200: Exposure of Sensitive Information to an Unauthorized Actor.
The vulnerability affects Discourse versions prior to 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1. Maintainers fixed the issue in those releases. The flaw is exploitable over the network without authentication or user interaction.
Critical Impact
Anonymous and unprivileged users can read removed forum content through stale AI summary caches, undermining moderation actions and content deletion workflows.
Affected Products
- Discourse versions prior to 2026.1.4
- Discourse versions prior to 2026.3.1
- Discourse versions prior to 2026.4.1
- Discourse versions prior to 2026.5.0-latest.1
Discovery Timeline
- 2026-05-19 - CVE-2026-32244 published to NVD
- 2026-05-19 - Last updated in NVD database
Technical Details for CVE-2026-32244
Vulnerability Analysis
The vulnerability resides in how Discourse caches AI-generated topic summaries. When moderators or authors remove content from a topic, the cached summary continues to reference the removed material. Discourse serves this stale cache to viewers who do not have permission to trigger summary regeneration.
As a result, anonymous visitors and unprivileged authenticated users can read content that should no longer be visible. The cache lifecycle does not invalidate summaries when underlying posts are deleted, edited, or hidden. This breaks the expected confidentiality boundary between published and removed content.
The issue is categorized as CWE-200 information exposure. The attack requires no authentication, no user interaction, and minimal complexity: the cached summary is reachable from the public internet by anyone who can view the topic.
Root Cause
The root cause is an incomplete cache invalidation strategy for AI summarization output. Summary regeneration is gated by group membership on the summarization Personas, but a cached summary is served on read without checking whether the underlying content has changed since it was generated. Removed posts therefore persist in the summary text served to lower-privileged viewers, who cannot trigger a fresh summary themselves.
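The following Ruby example is added here to illustrate the cache-invalidation gap described above; it is not Discourse's code, and the Post, Topic, StaleSummaryCache and FingerprintedSummaryCache names, the toy_summarize stand-in and the sample posts are all assumptions constructed for the illustration. The vulnerable cache is keyed by topic id only and serves whatever is stored to any viewer; the hardened cache records a fingerprint of the visible content and refuses to serve an entry whose fingerprint no longer matches, so a viewer who cannot regenerate gets nothing rather than stale text.

```ruby
require 'digest'

# Illustrative model only: not Discourse's code. Post/Topic, the cache classes and
# toy_summarize are assumed names standing in for the real summarization pipeline.
Post = Struct.new(:id, :raw, :updated_at, :deleted, :hidden, keyword_init: true)

class Topic
  attr_reader :id, :posts

  def initialize(id, posts)
    @id = id
    @posts = posts
  end

  # Posts a viewer is currently allowed to see.
  def visible_posts
    @posts.reject { |p| p.deleted || p.hidden }
  end

  # Digest of the visible content; any delete, edit (updated_at bump) or hide changes it.
  def content_fingerprint
    Digest::SHA256.hexdigest(visible_posts.map { |p| "#{p.id}:#{p.updated_at}" }.join("|"))
  end
end

# Stand-in for the LLM call: the first four words of each visible post.
def toy_summarize(topic)
  topic.visible_posts.map { |p| p.raw.split.first(4).join(" ") }.join(". ")
end

# Vulnerable pattern: keyed by topic id only, never invalidated when content changes.
# Only privileged viewers may regenerate, but anyone is served whatever is cached.
class StaleSummaryCache
  def initialize
    @store = {}
  end

  def fetch(topic, can_regenerate:)
    return @store[topic.id] if @store.key?(topic.id)
    return nil unless can_regenerate
    @store[topic.id] = toy_summarize(topic)
  end
end

# Hardened pattern: the entry records the fingerprint it was built from. A read
# only returns it while the fingerprint still matches; otherwise an unprivileged
# viewer gets nothing and a privileged one regenerates.
class FingerprintedSummaryCache
  def initialize
    @store = {}
  end

  def fetch(topic, can_regenerate:)
    fingerprint = topic.content_fingerprint
    entry = @store[topic.id]
    return entry[:summary] if entry && entry[:fingerprint] == fingerprint
    return nil unless can_regenerate
    summary = toy_summarize(topic)
    @store[topic.id] = { fingerprint: fingerprint, summary: summary }
    summary
  end
end

# Scenario (constructed): staff generates a summary, a moderator deletes a post, then an
# anonymous viewer (cannot regenerate) asks for the summary.
# Returns true if the anonymous viewer still sees the deleted post's content.
def stale_cache_leaks?(cache_class)
  posts = [
    Post.new(id: 1, raw: "Release planning for next quarter", updated_at: 100, deleted: false, hidden: false),
    Post.new(id: 2, raw: "Internal salary figures pasted here", updated_at: 101, deleted: false, hidden: false)
  ]
  topic = Topic.new(42, posts)
  cache = cache_class.new
  cache.fetch(topic, can_regenerate: true)   # privileged user populates the cache
  posts[1].deleted = true                    # moderator removes post 2
  served = cache.fetch(topic, can_regenerate: false)
  !served.nil? && served.include?("salary")
end

if __FILE__ == $PROGRAM_NAME
  puts "StaleSummaryCache leaks removed content: #{stale_cache_leaks?(StaleSummaryCache)}"
  puts "FingerprintedSummaryCache leaks removed content: #{stale_cache_leaks?(FingerprintedSummaryCache)}"
end
```

Explicitly invalidating the entry from the post delete, edit and hide code paths achieves the same effect as the fingerprint check; the fingerprint approach has the advantage that a read can never return text built from content the viewer is no longer allowed to see, even if an invalidation hook is missed.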
Attack Vector
An attacker browses to a Discourse topic that previously contained sensitive or moderated content. The platform serves the cached AI summary generated before the content was removed. The attacker reads removed posts directly from the summary without authentication. See the GitHub Security Advisory GHSA-hjmg-2mww-vfvx for vendor-published technical details.
Detection Methods for CVE-2026-32244
Indicators of Compromise
- Anonymous or unauthenticated requests to AI summary endpoints on topics that contain recently deleted posts.
- Application logs showing summary cache hits served after post deletion events without intervening regeneration events.
- User reports describing visibility of content that was previously removed by moderators.
Detection Strategies
- Audit Discourse application logs for summary requests correlated with recent post deletion or edit timestamps.
- Review group membership on summarization Personas and identify summaries generated by overly broad permission sets.
- Compare current topic content against served summary text to identify references to removed posts.
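As an added example of the log-correlation strategy above (not part of the original page or Discourse's tooling), the Ruby script below flags summary cache hits that occur after a topic's content changed with no intervening regeneration. The key=value event format, the event names (summary_generated, summary_cache_hit, post_deleted, post_edited, post_hidden) and the sample lines are constructed assumptions; adapt parse_line to whatever your Discourse logging actually emits.

```ruby
require 'time'

# Constructed log lines in a key=value format assumed for this example; Discourse
# does not emit these exact events. Adapt parse_line to the real log source.
SAMPLE_LOG = <<~LOG
  2026-05-20T10:00:01Z event=summary_generated topic_id=42 user_id=7
  2026-05-20T10:05:12Z event=post_deleted topic_id=42 post_id=2 user_id=3
  2026-05-20T10:06:40Z event=summary_cache_hit topic_id=42 user_id=anon
  2026-05-20T10:07:00Z event=summary_cache_hit topic_id=42 user_id=11
  2026-05-20T10:08:30Z event=post_deleted topic_id=43 post_id=9 user_id=3
  2026-05-20T10:09:00Z event=summary_generated topic_id=43 user_id=7
  2026-05-20T10:09:30Z event=summary_cache_hit topic_id=43 user_id=anon
  2026-05-20T10:10:00Z event=summary_cache_hit topic_id=99 user_id=anon
LOG

# Parse "<iso8601 timestamp> k=v k=v ..." into a hash; the timestamp goes under "ts".
def parse_line(line)
  ts, rest = line.strip.split(" ", 2)
  fields = rest.split(" ").map { |kv| kv.split("=", 2) }.to_h
  fields.merge("ts" => Time.iso8601(ts))
end

CONTENT_CHANGE_EVENTS = %w[post_deleted post_edited post_hidden].freeze

# A summary_cache_hit is flagged when the topic's content changed after the most
# recent summary_generated (or no regeneration was ever logged for that topic).
def find_stale_summary_serves(log_text)
  last_change = {}
  last_regen = {}
  findings = []
  log_text.each_line do |line|
    next if line.strip.empty?
    e = parse_line(line)
    topic = e["topic_id"]
    case e["event"]
    when *CONTENT_CHANGE_EVENTS
      last_change[topic] = e["ts"]
    when "summary_generated"
      last_regen[topic] = e["ts"]
    when "summary_cache_hit"
      changed_at = last_change[topic]
      next unless changed_at
      regen_at = last_regen[topic]
      if regen_at.nil? || regen_at < changed_at
        findings << { topic_id: topic, user_id: e["user_id"], served_at: e["ts"], stale_since: changed_at }
      end
    end
  end
  findings
end

if __FILE__ == $PROGRAM_NAME
  find_stale_summary_serves(SAMPLE_LOG).each do |f|
    puts "topic #{f[:topic_id]}: stale summary served to #{f[:user_id]} at #{f[:served_at].iso8601} (content changed #{f[:stale_since].iso8601})"
  end
end
```

On the sample input only topic 42 is flagged (twice, once for the anonymous viewer and once for user 11): topic 43 was regenerated after its deletion and topic 99 never changed. Findings for anonymous or low-trust user ids on topics with moderation activity are the ones worth escalating.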
Monitoring Recommendations
- Enable verbose logging on Discourse AI summarization endpoints and forward to a centralized SIEM.
- Alert on anonymous access patterns to summary endpoints for topics with high deletion or moderation activity.
- Track Discourse version inventory across hosted and self-managed instances to confirm patch deployment.
How to Mitigate CVE-2026-32244
Immediate Actions Required
- Upgrade Discourse to 2026.1.4, 2026.3.1, 2026.4.1, or 2026.5.0-latest.1 based on your release branch.
- Restrict summarization Personas to trusted groups to limit who can trigger summary generation and caching.
- Purge existing AI summary caches after upgrading to remove residual exposure from prior caches.
Patch Information
Discourse maintainers released fixed versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1. Refer to the GitHub Security Advisory GHSA-hjmg-2mww-vfvx for full release details and upgrade guidance.
Workarounds
- Tighten the allowed groups on the summarization Personas to restrict summary generation to vetted users.
- Disable AI summarization features on sensitive categories until the upgrade is applied.
- Manually invalidate or clear cached summaries after any content removal action.
# Configuration example: restrict summarization Personas in Discourse admin
# Navigate to: Admin > Plugins > Discourse AI > Personas > Summarization
# Set "Allowed Groups" to trusted groups only, for example: staff, trust_level_4
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.


