Lucene search
+L

15383 matches found

NVD
NVD
added last week3 views

CVE-2026-13234

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AI Artificial Intelligence allows Cross-Site Scripting XSS. This issue affects AI Artificial Intelligence versions: from 0.0.0 to 1.2.17, from 1.3.0 to 1.3.8, from 1.4.0 to 1.4.3...

6.1CVSS0.00181EPSS
Exploits0References1
NVD
NVD
added last week5 views

CVE-2026-13235

Missing Authorization vulnerability in Drupal AI Artificial Intelligence allows Forceful Browsing. This issue affects AI Artificial Intelligence versions: from 0.0.0 to 1.2.17, from 1.3.0 to 1.3.8, from 1.4.0 to 1.4.3...

3.3CVSS0.00161EPSS
Exploits0References1
NVD
NVD
added last week3 views

CVE-2026-13233

Server-Side Request Forgery SSRF vulnerability in Drupal OpenAI Provider allows Server Side Request Forgery. This issue affects OpenAI Provider versions: from 0.0.0 to 1.1.1, from 1.2.0 to 1.2.2...

3.3CVSS0.00161EPSS
Exploits0References1
NVD
NVD
added last week3 views

CVE-2026-13231

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Advanced Content Feedback aka adminfeedback allows Stored XSS. This issue affects Advanced Content Feedback aka adminfeedback versions: from 0.0.0 to 2.8.0...

6.1CVSS0.00181EPSS
Exploits0References1
NVD
NVD
added last week5 views

CVE-2026-13232

Incorrect Authorization vulnerability in Drupal Advanced Content Feedback aka adminfeedback allows Forceful Browsing. This issue affects Advanced Content Feedback aka adminfeedback versions: from 0.0.0 to 2.8.0...

3.1CVSS0.00162EPSS
Exploits0References1
NVD
NVD
added last week4 views

CVE-2026-13236

Missing Authorization vulnerability in Drupal AI Agents allows Forceful Browsing. This issue affects AI Agents versions: from 0.0.0 to 1.1.4, from 1.2.0 to 1.2.5, from 1.3.0 to 1.3.1...

4.2CVSS0.00145EPSS
Exploits0References1
NVD
NVD
added last week5 views

CVE-2026-12535

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Formatter Field allows Object Injection. This issue affects Formatter Field versions: from 0.0.0 to 2.0.0...

9.8CVSS0.00386EPSS
Exploits0References1
NVD
NVD
added last week4 views

CVE-2026-13237

Incorrect Authorization vulnerability in Drupal AI Agents allows Forceful Browsing. This issue affects AI Agents versions: from 0.0.0 to 1.1.4, from 1.2.0 to 1.2.5, from 1.3.0 to 1.3.1...

4.8CVSS0.00168EPSS
Exploits0References1
NVD
NVD
added last week3 views

CVE-2026-13238

Incorrect Authorization vulnerability in Drupal Commerce Realex / Global Payments allows Forceful Browsing. This issue affects Commerce Realex / Global Payments versions: from 0.0.0 to 3.0.2...

4.8CVSS0.00217EPSS
Exploits0References1
NVD
NVD
added last week5 views

CVE-2026-10768

Missing Authorization vulnerability in Drupal LocalGov Workflows allows Forceful Browsing. This issue affects LocalGov Workflows versions: from 0.0.0 to 1.6.0...

9.8CVSS0.00331EPSS
Exploits0References1
NVD
NVD
added last week4 views

CVE-2026-11909

Missing Authorization vulnerability in Drupal Examples for Developers allows Forceful Browsing. This issue affects Examples for Developers versions: from 0.0.0 to 4.0.6...

3.3CVSS0.00161EPSS
Exploits0References1
NVD
NVD
added last week4 views

CVE-2026-10770

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Anti-Spam by CleanTalk allows Reflected XSS. This issue affects Anti-Spam by CleanTalk versions: from 0.0.0 to 9.7.1...

6.1CVSS0.00181EPSS
Exploits0References1
NVD
NVD
added last week3 views

CVE-2026-10769

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Commerce Core allows Stored XSS. This issue affects Commerce Core versions: from 3.3.0 to 3.3.6...

5.4CVSS0.00162EPSS
Exploits0References1
NVD
NVD
added last week3 views

CVE-2026-11908

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Stored XSS. This issue affects Tagify versions: from 0.0.0 to 1.2.52...

5.4CVSS0.00162EPSS
Exploits0References1
Cvelist
Cvelist
added last week34 views

CVE-2026-11913 Mother May I - Critical - Unsupported - SA-CONTRIB-2026-045

vulnerability in Drupal Mother May I allows . This issue affects Mother May I versions:...

0.0032EPSS
Exploits0References1
CVE
CVE
added last week15 views

CVE-2026-11913

CVE-2026-11913 concerns a vulnerability in the Drupal module “Mother May I.” The official CVE notes a critical impact (CVSS 9.8) with affected versions listed as wildcards (. ). Connected sources indicate the Drupal project marks the module as unsupported and a fix has not been provided (SA-CONTR...

9.8CVSS6.1AI score0.0032EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added last week3 views

CVE-2026-11913 Mother May I - Critical - Unsupported - SA-CONTRIB-2026-045

vulnerability in Drupal Mother May I allows . This issue affects Mother May I versions:...

6.1AI score0.0032EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added last week1 views

CVE-2026-11913

vulnerability in Drupal Mother May I allows . This issue affects Mother May I versions:...

9.8CVSS6.1AI score0.0032EPSS
Exploits0References2
Cvelist
Cvelist
added last week33 views

CVE-2026-11914 Composer - Critical - Unsupported - SA-CONTRIB-2026-046

vulnerability in Drupal Composer allows . This issue affects Composer versions:...

0.00217EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added last week1 views

CVE-2026-11914

vulnerability in Drupal Composer allows . This issue affects Composer versions:...

5.9CVSS6.1AI score0.00217EPSS
Exploits0References2
Rows per page
Query Builder