CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

13921 matches found

Drupal•added 2026/02/11 12:0 a.m.•14 views

UI Icons - Critical - Cross-site Scripting - SA-CONTRIB-2026-010

This module enables you to integrate and manage icons with Drupal. The module doesn't sufficiently sanitize user input leading to a reflected Cross-site Scripting XSS vulnerability. The vulnerability is mitigated by the fact that in order to be vulnerable, the "UI Icons for CKEditor 5" submodule...

6.1CVSS5.4AI score0.00149EPSS

Exploits0References1

Positive Technologies•added 2026/02/11 12:0 a.m.•6 views

PT-2026-7808

This module enables you to integrate and manage icons with Drupal. The module doesn't sufficiently sanitize user input leading to a reflected Cross-site Scripting XSS vulnerability. The vulnerability is mitigated by the fact that in order to be vulnerable, the "UI Icons for CKEditor 5" submodule...

5.8AI score0.00149EPSS

Exploits0References3

GithubExploit•added 2026/02/10 4:18 p.m.•134 views

Exploit for Generation of Error Message Containing Sensitive Information in Drupal

Enumeration tool for CVE-2024-45440 by DividesByZer0 & c0d3Ninja...

5.3CVSS5.5AI score0.09269EPSS

GithubExploit•added 2026/02/10 11:9 a.m.•146 views

Exploit for Improper Input Validation in Drupal

No d...

9.8CVSS5.4AI score0.99993EPSS

RedhatCVE•added 2026/02/06 1:26 a.m.•5 views

CVE-2026-0944

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Group invite allows Forceful Browsing.This issue affects Group invite: from 0.0.0 before 2.3.9, from 3.0.0 before 3.0.4, from 4.0.0 before 4.0.4...

5.3CVSS5.3AI score0.00197EPSS

Exploits0References1

RedhatCVE•added 2026/02/06 1:26 a.m.•4 views

CVE-2026-1553

Incorrect Authorization vulnerability in Drupal Drupal Canvas allows Forceful Browsing.This issue affects Drupal Canvas: from 0.0.0 before 1.0.4...

4.8CVSS5.3AI score0.00138EPSS

Exploits0References1

RedhatCVE•added 2026/02/06 1:26 a.m.•4 views

CVE-2026-0947

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AT Internet Piano Analytics allows Cross-Site Scripting XSS.This issue affects AT Internet Piano Analytics: from 0.0.0 before 1.0.1, from 2.0.0 before 2.3.1...

4.8CVSS5.3AI score0.00142EPSS

Exploits0References1

RedhatCVE•added 2026/02/06 1:26 a.m.•4 views

CVE-2026-0946

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AT Internet SmartTag allows Cross-Site Scripting XSS.This issue affects AT Internet SmartTag: from 0.0.0 before 1.0.1...

6.1CVSS5.3AI score0.00149EPSS

Exploits0References1

RedhatCVE•added 2026/02/06 1:25 a.m.•4 views

CVE-2026-0945

Privilege Defined With Unsafe Actions vulnerability in Drupal Role Delegation allows Privilege Escalation.This issue affects Role Delegation: from 1.3.0 before 1.5.0...

5.4CVSS5.3AI score0.00221EPSS

Exploits0References1

OSV•added 2026/02/04 9:15 p.m.•4 views

CVE-2026-1553

Incorrect Authorization vulnerability in Drupal Drupal Canvas allows Forceful Browsing.This issue affects Drupal Canvas: from 0.0.0 before 1.0.4...

4.8CVSS5.8AI score0.00138EPSS

Exploits0References1

OSV•added 2026/02/04 9:15 p.m.•4 views

CVE-2026-0948

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Microsoft Entra ID SSO Login allows Privilege Escalation.This issue affects Microsoft Entra ID SSO Login: from 0.0.0 before 1.0.4...

6.5CVSS5.8AI score0.002EPSS

Exploits0References1

OSV•added 2026/02/04 9:15 p.m.•3 views

CVE-2026-1554

XML Injection aka Blind XPath Injection vulnerability in Drupal Central Authentication System CAS Server allows Privilege Escalation.This issue affects Central Authentication System CAS Server: from 0.0.0 before 2.0.3, from 2.1.0 before 2.1.2...

4.2CVSS5.8AI score0.00152EPSS

Exploits0References1

NVD•added 2026/02/04 9:15 p.m.•5 views

CVE-2026-0947

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AT Internet Piano Analytics allows Cross-Site Scripting XSS.This issue affects AT Internet Piano Analytics: from 0.0.0 before 1.0.1, from 2.0.0 before 2.3.1...

4.8CVSS0.00142EPSS

Exploits0References1

NVD•added 2026/02/04 9:15 p.m.•7 views

CVE-2026-0948

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Microsoft Entra ID SSO Login allows Privilege Escalation.This issue affects Microsoft Entra ID SSO Login: from 0.0.0 before 1.0.4...

6.5CVSS0.002EPSS

Exploits0References1

NVD•added 2026/02/04 9:15 p.m.•6 views

CVE-2026-1553

Incorrect Authorization vulnerability in Drupal Drupal Canvas allows Forceful Browsing.This issue affects Drupal Canvas: from 0.0.0 before 1.0.4...

4.8CVSS0.00138EPSS

Exploits0References1

OSV•added 2026/02/04 9:15 p.m.•2 views

CVE-2026-0947

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AT Internet Piano Analytics allows Cross-Site Scripting XSS.This issue affects AT Internet Piano Analytics: from 0.0.0 before 1.0.1, from 2.0.0 before 2.3.1...

4.8CVSS5.8AI score0.00142EPSS

Exploits0References1

OSV•added 2026/02/04 9:15 p.m.•3 views

CVE-2026-0944

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Group invite allows Forceful Browsing.This issue affects Group invite: from 0.0.0 before 2.3.9, from 3.0.0 before 3.0.4, from 4.0.0 before 4.0.4...

5.3CVSS5.8AI score

Exploits0References1

OSV•added 2026/02/04 9:15 p.m.•6 views

CVE-2026-0946

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AT Internet SmartTag allows Cross-Site Scripting XSS.This issue affects AT Internet SmartTag: from 0.0.0 before 1.0.1...

6.1CVSS5.8AI score0.00149EPSS

Exploits0References1

NVD•added 2026/02/04 9:15 p.m.•5 views

CVE-2026-0944

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Group invite allows Forceful Browsing.This issue affects Group invite: from 0.0.0 before 2.3.9, from 3.0.0 before 3.0.4, from 4.0.0 before 4.0.4...

5.3CVSS0.00197EPSS

Exploits0References1

NVD•added 2026/02/04 9:15 p.m.•8 views

CVE-2026-0945

Privilege Defined With Unsafe Actions vulnerability in Drupal Role Delegation allows Privilege Escalation.This issue affects Role Delegation: from 1.3.0 before 1.5.0...

8.8CVSS0.00221EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by