CVE-2026-41243

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

5.4 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N                                    

Vulnerability Description

OpenLearn is open-source educational forum software. Prior to commit 844b2a40a69d0c4911580fe501923f0b391313ab, when `safeMode` is enabled, unapproved forum posts are hidden from the public list, but the direct post-read procedure still returns the full post to anyone with the post UUID. Commit 844b2a40a69d0c4911580fe501923f0b391313ab fixes the issue.

Vulnerability Details

Published Date

April 23, 2026

Last Modified

April 29, 2026

CWE ID

CWE-284

Source

NVD

Vendor

siemvk

Product

OpenLearn

External References

https://github.com/siemvk/OpenLearn/commit/844b2a40a69d0c4911580fe501923f0b391313ab
https://github.com/siemvk/OpenLearn/security/advisories/GHSA-4rv3-hfh6-vqvm

CVE-2026-41243

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment