Lucene search
+L

15383 matches found

EUVD
EUVD
added 6 days ago5 views

EUVD-2026-43114

Missing Authorization vulnerability in Drupal LocalGov Workflows allows Forceful Browsing. This issue affects LocalGov Workflows versions: from 0.0.0 to 1.6.0...

6.1AI score0.00331EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-43048

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Anti-Spam by CleanTalk allows Reflected XSS. This issue affects Anti-Spam by CleanTalk versions: from 0.0.0 to 9.7.1...

6.1AI score0.00181EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-43115

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Commerce Core allows Stored XSS. This issue affects Commerce Core versions: from 3.3.0 to 3.3.6...

6.1AI score0.00162EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-43049

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Stored XSS. This issue affects Tagify versions: from 0.0.0 to 1.2.52...

6.1AI score0.00162EPSS
Exploits0References2
Snyk
Snyk
added 6 days ago3 views

Server-side Request Forgery (SSRF)

Overview drupal/core is an an open source content management platform powering millions of websites and applications. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the request process. An attacker can make arbitrary requests to internal or external syste...

8.8CVSS6.2AI score0.0014EPSS
Exploits0References2
Snyk
Snyk
added 6 days ago3 views

Cross-site Scripting (XSS)

Overview drupal/core is an an open source content management platform powering millions of websites and applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper input neutralization during web page generation. An attacker can execute arbitrary script...

6.1CVSS6.2AI score0.00133EPSS
Exploits0References2
Snyk
Snyk
added 6 days ago3 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview drupal/core is an an open source content management platform powering millions of websites and applications. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes in the process of modifying dynamically-determin...

8.8CVSS6.3AI score0.00215EPSS
Exploits0References2
Snyk
Snyk
added 6 days ago3 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview drupal/core is an an open source content management platform powering millions of websites and applications. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes in the deserialization process. An attacker can...

10CVSS6.3AI score0.00215EPSS
Exploits0References2
Snyk
Snyk
added 6 days ago5 views

Open Redirect

Overview drupal/core is an an open source content management platform powering millions of websites and applications. Affected versions of this package are vulnerable to Open Redirect via the URL redirection process. An attacker can redirect users to malicious sites or poison cache by crafting...

5.9CVSS6.1AI score0.00206EPSS
Exploits0References2
NVD
NVD
added last week7 views

CVE-2026-15087

vulnerability in Drupal Clean RESTful allows . This issue affects Clean RESTful versions:...

5.9CVSS0.00392EPSS
Exploits0References1
NVD
NVD
added last week5 views

CVE-2026-15089

vulnerability in Drupal Commerce guest registration allows . This issue affects Commerce guest registration versions:...

9.1CVSS0.00508EPSS
Exploits0References1
NVD
NVD
added last week6 views

CVE-2026-15086

vulnerability in Drupal Raw Formatter Meta Tag Formatter allows . This issue affects Raw Formatter Meta Tag Formatter versions:...

5.9CVSS0.00414EPSS
Exploits0References1
NVD
NVD
added last week6 views

CVE-2026-11915

vulnerability in Drupal Brute force attack protection allows . This issue affects Brute force attack protection versions:...

5.9CVSS0.00192EPSS
Exploits0References1
NVD
NVD
added last week6 views

CVE-2026-11913

vulnerability in Drupal Mother May I allows . This issue affects Mother May I versions:...

9.8CVSS0.0032EPSS
Exploits0References1
NVD
NVD
added last week6 views

CVE-2026-11914

vulnerability in Drupal Composer allows . This issue affects Composer versions:...

5.9CVSS0.00217EPSS
Exploits0References1
NVD
NVD
added last week8 views

CVE-2026-58589

Missing Authorization vulnerability in Drupal FlowDrop allows Forceful Browsing. This issue affects FlowDrop versions: from 0.0.0 to 1.6.0...

5.4CVSS0.0023EPSS
Exploits0References1
NVD
NVD
added last week9 views

CVE-2026-58591

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Colorbox allows Cross-Site Scripting XSS. This issue affects Colorbox versions: from 0.0.0 to 2.1.5, from 0.0.0 to 2.2.0...

5.4CVSS0.00228EPSS
Exploits0References1
NVD
NVD
added last week6 views

CVE-2026-58590

Missing Authorization vulnerability in Drupal FlowDrop allows Forceful Browsing. This issue affects FlowDrop versions: from 0.0.0 to 1.6.0...

5.4CVSS0.0023EPSS
Exploits0References1
NVD
NVD
added last week6 views

CVE-2026-58588

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1CVSS0.00253EPSS
Exploits0References1
NVD
NVD
added last week7 views

CVE-2026-58587

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1CVSS0.00253EPSS
Exploits0References1
Rows per page
Query Builder