Lucene search
K

82 matches found

EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43054

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Plotly.js Graphing allows Object Injection. This issue affects Plotly.js Graphing versions: from 0.0.0 to 3.0.2...

6.1AI score0.00161EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43078

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal ECA: Event - Condition - Action allows Object Injection. This issue affects ECA: Event - Condition - Action versions: from 0.0.0 to 2.1.20, from 3.0.0 to 3.0.12, from 3.1.0 to 3.1.4...

6.1AI score0.002EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43081

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0.,...

6.1AI score0.00161EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago4 views

EUVD-2026-43082

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0.,...

6.1AI score0.00161EPSS
Exploits0References2
NVD
NVD
added 4 days ago7 views

CVE-2026-55804

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0.,...

5.9CVSS0.00161EPSS
Exploits0References1
NVD
NVD
added 4 days ago5 views

CVE-2026-55803

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0.,...

5.9CVSS0.00161EPSS
Exploits0References1
NVD
NVD
added 4 days ago7 views

CVE-2026-15083

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal ECA: Event - Condition - Action allows Object Injection. This issue affects ECA: Event - Condition - Action versions: from 0.0.0 to 2.1.20, from 3.0.0 to 3.0.12, from 3.1.0 to 3.1.4...

4.2CVSS0.002EPSS
Exploits0References1
NVD
NVD
added 4 days ago5 views

CVE-2026-13244

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Tealium iQ Tag Management allows Object Injection. This issue affects Tealium iQ Tag Management versions: from 0.0.0 to 2.4.0...

8.1CVSS0.00417EPSS
Exploits0References1
OSV
OSV
added 4 days ago2 views

CVE-2026-55804 Drupal core - Moderately critical - Gadget chain - SA-CORE-2026-006

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0.,...

5.9CVSS6.1AI score0.00161EPSS
Exploits0References5
CVE
CVE
added 4 days ago466 views

CVE-2026-55803

Drupal core is affected by CVE-2026-55803: Improperly Controlled Modification of Dynamically-Determined Object Attributes, enabling PHP object injection via deserialization. Affected versions include 0.0.0–10.5.12, 10.6.0–10.6.11, 11.2.0–11.2.14, 11.3.0–11.3.12, and 0.0.0–11.0.* / 11.1.*. Remedia...

5.9CVSS6.1AI score0.00161EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-55803 Drupal core - Critical - PHP object injection - SA-CORE-2026-005

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0.,...

0.00161EPSS
Exploits0References1
OSV
OSV
added 4 days ago2 views

CVE-2026-55803 Drupal core - Critical - PHP object injection - SA-CORE-2026-005

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0.,...

5.9CVSS6.1AI score0.00161EPSS
Exploits0References5
OSV
OSV
added 4 days ago2 views

CVE-2026-15083 ECA: Event - Condition - Action - Less critical - Information disclosure - SA-CONTRIB-2026-074

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal ECA: Event - Condition - Action allows Object Injection. This issue affects ECA: Event - Condition - Action versions: from 0.0.0 to 2.1.20, from 3.0.0 to 3.0.12, from 3.1.0 to 3.1.4...

4.2CVSS6.1AI score0.002EPSS
Exploits0References5
CVE
CVE
added 4 days ago12 views

CVE-2026-15083

Summary: CVE-2026-15083 affects the Drupal ECA: Event - Condition - Action (ECA) module. The issue is an unitary vulnerability where an Improperly Controlled Modification of Dynamically-Determined Object Attributes can lead to Object Injection. Affected versions: ECA: Event - Condition - Action i...

4.2CVSS6.1AI score0.002EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-12535 Formatter Field - Critical - PHP object injection - SA-CONTRIB-2026-048

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Formatter Field allows Object Injection. This issue affects Formatter Field versions: from 0.0.0 to 2.0.0...

0.00173EPSS
Exploits0References1
OSV
OSV
added 4 days ago2 views

CVE-2026-12535 Formatter Field - Critical - PHP object injection - SA-CONTRIB-2026-048

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Formatter Field allows Object Injection. This issue affects Formatter Field versions: from 0.0.0 to 2.0.0...

9.8CVSS6.1AI score0.00173EPSS
Exploits0References5
NVD
NVD
added 4 days ago6 views

CVE-2026-9726

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal AlternativeCommerce Basket allows Object Injection. This issue affects Drupal AlternativeCommerce Basket versions: from 0.0.0 to 2.1.17...

9.8CVSS0.00161EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-43042

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal AlternativeCommerce Basket allows Object Injection. This issue affects Drupal AlternativeCommerce Basket versions: from 0.0.0 to 2.1.17...

6.1AI score0.00161EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/23 9:24 p.m.6 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes in the POJOPropertiesCollector.renameProperties and BeanDeserializerFactory.addBeanProps methods, which rename rather than drop a property whose getter carri...

6.9CVSS6AI score0.00282EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 6:21 p.m.11 views

EUVD-2026-38570

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in ash-project ash allows a user to set the value of a private action argument that is intended to be controlled only by trusted server-side code. Action arguments declared with public?: false are meant t...

5.9CVSS5.8AI score0.00152EPSS
Exploits0References4
Rows per page
Query Builder