Lucene search
K

4 matches found

CVE
CVE
added yesterday443 views

CVE-2026-55806

Summary of CVE-2026-55806 (Drupal core) : Affects Drupal core where the rebuild.php front controller does not correctly validate the Host header against trusted host patterns, enabling cache poisoning and open redirects. Affected versions include: 0.0.0–11.1., 11.0. –11.1.*, 10.0.0–10.5.12, 10.6....

6.1AI score
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 10:28 p.m.35 views

CVE-2026-6367 Drupal core - Moderately critical - Cross-site scripting - SA-CORE-2026-003

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core: from 11.3.0 before 11.3.7...

0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/19 10:27 p.m.9 views

CVE-2026-6366 Drupal core - Moderately critical - Gadget Chain - SA-CORE-2026-002

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core: from 8.0.0 before 10.5.9, from 10.6.0 before 10.6.7, from 11.0.0 before 11.2.11, from 11.3.0 before 11.3.7...

5.8AI score0.00399EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 10:27 p.m.42 views

CVE-2026-6365 Drupal core - Critical - Cross-site scripting - SA-CORE-2026-001

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core: from 8.0.0 before 10.5.9, from 10.6.0 before 10.6.7, from 11.0.0 before 11.2.11, from 11.3.0 before 11.3.7...

0.00238EPSS
Exploits0References1
Rows per page
Query Builder