diff --git a/core/modules/forum/src/ForumManager.php b/core/modules/forum/src/ForumManager.php
index 9ae35ea438..aa7f2b19af 100644
--- a/core/modules/forum/src/ForumManager.php
+++ b/core/modules/forum/src/ForumManager.php
@@ -332,9 +332,16 @@ protected function getLastPost($tid) {
 if (!empty($this->lastPostData[$tid])) {
 return $this->lastPostData[$tid];
 }
- // Query "Last Post" information for this forum.
- $query = $this->connection->select('node', 'n');
- $query->join('forum_index', 'f', 'n.nid = f.nid');
+ // Query "Last Post" information for this forum. Only add the node table to
+ // the query if this is necessary for filtering access-restricted records.
+ if ($this->currentUserCanViewAllNodes()) {
+ $query = $this->connection->select('forum_index', 'f');
+ }
+ else {
+ $query = $this->connection->select('node', 'n')
+ ->addTag('node_access');
+ $query->join('forum_index', 'f', 'n.nid = f.nid');
+ }
 $query->join('comment_entity_statistics', 'ces', "f.nid = ces.entity_id AND ces.field_name = 'comment_forum' AND ces.entity_type = 'node'");
 $query->join('users_field_data', 'u', 'ces.last_comment_uid = u.uid AND u.default_langcode = 1');
 $query->addExpression('COALESCE(ces.last_comment_name, u.name)', 'last_comment_name');
@@ -344,7 +351,6 @@ protected function getLastPost($tid) {
 ->condition('f.tid', $tid)
 ->orderBy('f.last_comment_timestamp', 'DESC')
 ->range(0, 1)
- ->addTag('node_access')
 ->execute()
 ->fetchObject();
 
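Review bot: The fast path in getLastPost() drops two filters at once, the `node_access` tag and the inner join on `node`, and the permission check only speaks to the first. Without the join, a `forum_index` row whose nid has no matching `node` row is no longer excluded, and any other module that alters queries tagged `node_access` is skipped for these users, so the "results are unchanged" assumption holds only if neither case occurs. The same branch is repeated in getForumStatistics() in the third hunk. I would state the assumption at the branch, e.g. `// Safe only while forum_index holds no orphaned nids and no other node_access query alter applies to this account.`, and cover both branches with a test that enables a node access module and compares the results. The body of getLastPost() starts above this hunk and continues past the second one.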
@@ -371,16 +377,23 @@ protected function getLastPost($tid) {
 */
 protected function getForumStatistics($tid) {
 if (empty($this->forumStatistics)) {
- // Prime the statistics.
- $query = $this->connection->select('node', 'n');
- $query->join('forum_index', 'f', 'n.nid = f.nid');
+ // Prime the statistics. Only add the node table to the query if this is
+ // necessary for filtering access-restricted records.
+ if ($this->currentUserCanViewAllNodes()) {
+ $query = $this->connection->select('forum_index', 'f');
+ }
+ else {
+ $query = $this->connection->select('node', 'n')
+ ->addTag('node_access');
+ $query->join('forum_index', 'f', 'n.nid = f.nid');
+ }
 $query->addExpression('COUNT(f.nid)', 'topic_count');
 $query->addExpression('SUM(f.comment_count)', 'comment_count');
+
 $this->forumStatistics = $query
 ->fields('f', ['tid'])
 ->groupBy('tid')
 ->orderBy('NULL')
- ->addTag('node_access')
 ->execute()
 ->fetchAllAssoc('tid');
 }
@@ -391,6 +404,19 @@ protected function getForumStatistics($tid) {
 }
 
 /**
+ * Checks if the current user can view all nodes.
+ *
+ * This is a private method which will/may ONLY be used for modifying queries
+ * in a way that does not alter the returned results. (Under this condition it
+ * is not a huge problem that this method calls a global, non-injected
+ * function; there is no real 'injectable' alternative for it yet.)
+ */
+ private function currentUserCanViewAllNodes() {
+ $account = \Drupal::currentUser();
+ return $account->hasPermission('bypass node access') || node_access_view_all_nodes($account);
+ }
+
+ /**
 * {@inheritdoc}
 */
 public function getChildren($vid, $tid) {
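Review bot: currentUserCanViewAllNodes() is now the only gate deciding whether access filtering is applied to the two forum queries, but its docblock has no `@return` and does not say which check it has to stay in step with. The two conditions look like the early exits of the node access query alter; if that is the intent, name it so the copies cannot drift unnoticed: add `@return bool` with "TRUE if node access filtering would be a no-op for the current user." and `@see node_query_node_access_alter()`. The account is read from `\Drupal::currentUser()` at call time, while `$this->lastPostData` and `$this->forumStatistics` are filled once per instance, so a caller that switches accounts mid-request would reuse rows computed on the unfiltered branch. That caching appears to predate this change, but the docblock is the place to mention it.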