CVE-2026-33185 MEDIUM

CVE-2026-33185: Discourse: Group SMTP test endpoint susceptible to SSRF

Vendor Discourse
Product discourse
Weakness CWE-918 · SSRF
Published March 31, 2026
Last update April 1, 2026
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

What the vulnerability does

01Description

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the group email settings test endpoint could be used to make the server initiate outbound connections to arbitrary hosts and ports. This could allow probing of internal network infrastructure. The endpoint was accessible to non-staff group owners. This issue has been patched in versions 2026.1.3, 2026.2.2, and 2026.3.0.

Key dates

02Disclosure timeline

March 31, 2026 CVE published
April 1, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-47578 Multiple vulnerabilities in SAP NetWeaver AS for JAVA(Adobe Document Services) CVE-2026-5530 Ollama Model Pull API download.go server-side request forgery CVE-2024-38728 WordPress Seraphinite Post .DOCX Source plugin <= 2.16.9 - Server Side Request Forgery (SSRF) vulnerability CVE-2024-13924 Starter Templates by FancyWP <= 2.0.0 - Unauthenticated Blind Server-Side Request Forgery CVE-2026-4231 vanna-ai vanna Endpoint __init__.py run_sql server-side request forgery