4 matches found
EUVD-2026-43060
Missing Authorization vulnerability in Drupal AI Agents allows Forceful Browsing. This issue affects AI Agents versions: from 0.0.0 to 1.1.4, from 1.2.0 to 1.2.5, from 1.3.0 to 1.3.1...
CVE-2026-13237
The CVE-2026-13237 entry describes an Incorrect Authorization vulnerability in Drupal AI Agents that enables forceful browsing and potential information disclosure. Affected are Drupal AI Agents versions: 0.0.0–1.1.4, 1.2.0–1.2.5, and 1.3.0–1.3.1. Root cause is improper access control within the ...
CVE-2026-13236
CVE-2026-13236 affects the Drupal AI Agents module. The issue is a Missing Authorization vulnerability that permits forceful browsing due to insufficient permission checks when a tool loads content entities. Affected versions are: 0.0.0–1.1.4, 1.2.0–1.2.5, and 1.3.0–1.3.1. The root cause is inade...
PT-2026-52170
Name of the Vulnerable Software and Affected Versions Drupal AI Agents versions 0.0.0 through 1.1.4 Drupal AI Agents versions 1.2.0 through 1.2.5 Drupal AI Agents versions 1.3.0 through 1.3.1 Description An incorrect authorization issue allows forceful browsing. Under certain conditions, the agen...