66 matches found
EUVD-2026-43060
Missing Authorization vulnerability in Drupal AI Agents allows Forceful Browsing. This issue affects AI Agents versions: from 0.0.0 to 1.1.4, from 1.2.0 to 1.2.5, from 1.3.0 to 1.3.1...
EUVD-2026-43059
Missing Authorization vulnerability in Drupal AI Artificial Intelligence allows Forceful Browsing. This issue affects AI Artificial Intelligence versions: from 0.0.0 to 1.2.17, from 1.3.0 to 1.3.8, from 1.4.0 to 1.4.3...
EUVD-2026-43058
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AI Artificial Intelligence allows Cross-Site Scripting XSS. This issue affects AI Artificial Intelligence versions: from 0.0.0 to 1.2.17, from 1.3.0 to 1.3.8, from 1.4.0 to 1.4.3...
CVE-2026-13234
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AI Artificial Intelligence allows Cross-Site Scripting XSS. This issue affects AI Artificial Intelligence versions: from 0.0.0 to 1.2.17, from 1.3.0 to 1.3.8, from 1.4.0 to 1.4.3...
CVE-2026-13236
Missing Authorization vulnerability in Drupal AI Agents allows Forceful Browsing. This issue affects AI Agents versions: from 0.0.0 to 1.1.4, from 1.2.0 to 1.2.5, from 1.3.0 to 1.3.1...
CVE-2026-13237
Incorrect Authorization vulnerability in Drupal AI Agents allows Forceful Browsing. This issue affects AI Agents versions: from 0.0.0 to 1.1.4, from 1.2.0 to 1.2.5, from 1.3.0 to 1.3.1...
CVE-2026-15085
The affected software is the Drupal AI SEO/GEO Analyzer module. It is vulnerable to Stored Cross‑site Scripting (XSS) in versions 0.0.0 through 1.1.3. The root cause, as described in the connected DRUPAL-SA-CONTRIB-2026-076 entry and PT-2026-56665, is that the module sends entity content (includi...
CVE-2026-13237
CVE-2026-13237 affects Drupal AI Agents (versions 0.0.0–1.1.4, 1.2.0–1.2.5, 1.3.0–1.3.1). Root cause: Incorrect Authorization allowing Forceful Browsing, potentially enabling information disclosure and minor integrity concerns. The issue is documented across multiple sources (Drual SA-CONTRIB-202...
CVE-2026-13237 AI Agents - Moderately critical - Information disclosure, Access bypass - SA-CONTRIB-2026-057
Incorrect Authorization vulnerability in Drupal AI Agents allows Forceful Browsing. This issue affects AI Agents versions: from 0.0.0 to 1.1.4, from 1.2.0 to 1.2.5, from 1.3.0 to 1.3.1...
CVE-2026-13236
The CVE CVE-2026-13236 concerns a Missing Authorization issue in Drupal AI Agents that enables forceful browsing. Technical details across connected sources show that the vulnerability resides in the Drupal AI Agents module, where the tool-loading path does not sufficiently verify permissions on ...
CVE-2026-13236 AI Agents - Less critical - Access bypass - SA-CONTRIB-2026-056
Missing Authorization vulnerability in Drupal AI Agents allows Forceful Browsing. This issue affects AI Agents versions: from 0.0.0 to 1.1.4, from 1.2.0 to 1.2.5, from 1.3.0 to 1.3.1...
CVE-2026-13236 AI Agents - Less critical - Access bypass - SA-CONTRIB-2026-056
Missing Authorization vulnerability in Drupal AI Agents allows Forceful Browsing. This issue affects AI Agents versions: from 0.0.0 to 1.1.4, from 1.2.0 to 1.2.5, from 1.3.0 to 1.3.1...
CVE-2026-13235 AI (Artificial Intelligence) - Moderately critical - Access bypass - SA-CONTRIB-2026-055
Missing Authorization vulnerability in Drupal AI Artificial Intelligence allows Forceful Browsing. This issue affects AI Artificial Intelligence versions: from 0.0.0 to 1.2.17, from 1.3.0 to 1.3.8, from 1.4.0 to 1.4.3...
CVE-2026-13234 AI (Artificial Intelligence) - Moderately critical - Information Disclosure / Cross-site Scripting - SA-CONTRIB-2026-054
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AI Artificial Intelligence allows Cross-Site Scripting XSS. This issue affects AI Artificial Intelligence versions: from 0.0.0 to 1.2.17, from 1.3.0 to 1.3.8, from 1.4.0 to 1.4.3...
PT-2026-52170
Name of the Vulnerable Software and Affected Versions Drupal AI Agents versions 0.0.0 through 1.1.4 Drupal AI Agents versions 1.2.0 through 1.2.5 Drupal AI Agents versions 1.3.0 through 1.3.1 Description An incorrect authorization issue allows forceful browsing. Under certain conditions, the agen...
CVE-2026-3573
A flaw was found in Drupal AI Artificial Intelligence. An incorrect authorization vulnerability allows for resource injection. This issue enables an attacker to inject unauthorized resources, potentially leading to unintended system behavior or compromise...
CVE-2026-3573
Incorrect Authorization vulnerability in Drupal AI Artificial Intelligence allows Resource Injection.This issue affects AI Artificial Intelligence: from 0.0.0 before 1.1.11, from 1.2.0 before 1.2.12...
CVE-2026-3573
Incorrect Authorization vulnerability in Drupal AI Artificial Intelligence allows Resource Injection.This issue affects AI Artificial Intelligence: from 0.0.0 before 1.1.11, from 1.2.0 before 1.2.12...
CVE-2026-3573 AI (Artificial Intelligence) - Moderately critical - Information Disclosure - SA-CONTRIB-2026-028
Incorrect Authorization vulnerability in Drupal AI Artificial Intelligence allows Resource Injection.This issue affects AI Artificial Intelligence: from 0.0.0 before 1.1.11, from 1.2.0 before 1.2.12...
CVE-2026-3573
CVE-2026-3573 affects Drupal AI (Artificial Intelligence). Multiple sources confirm an incorrect authorization vulnerability that allows resource injection. Affected versions: Drupal AI 0.0.0 through 1.1.10 and 1.2.0 through 1.2.11. Under certain conditions, rendering HTML/Markdown via the module...