A vulnerability, which was classified as critical , has been found in Discourse up to 2026.1.3/2026.3.0/2026.4.0 . This vulnerability affects unknown code of the component Configuration Handler . Performing a manipulation results in path traversal. This vulnerability is identified as CVE-2026-45775 . The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.