A vulnerability classified as problematic was found in Discourse up to 2026.1.3/2026.3.0/2026.4.0 . This affects an unknown part of the component Calendar Event Handler . Such manipulation leads to missing authorization. This vulnerability is referenced as CVE-2026-45085 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.