Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13921 matches found

Vulnrichment
Vulnrichmentadded 2026/01/28 8:2 p.m.3 views

CVE-2025-13985 Entity Share - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-123

Incorrect Authorization vulnerability in Drupal Entity Share allows Forceful Browsing.This issue affects Entity Share: from 0.0.0 before 3.13.0...

5.9AI score0.00187EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/28 8:2 p.m.19 views

CVE-2025-13985 Entity Share - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-123

Incorrect Authorization vulnerability in Drupal Entity Share allows Forceful Browsing.This issue affects Entity Share: from 0.0.0 before 3.13.0...

0.00187EPSS
Exploits0References1
EUVD
EUVDadded 2026/01/28 8:2 p.m.4 views

EUVD-2025-206436

Incorrect Authorization vulnerability in Drupal Entity Share allows Forceful Browsing.This issue affects Entity Share: from 0.0.0 before 3.13.0...

5.3CVSS5.9AI score0.00187EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/28 8:2 p.m.32 views

CVE-2025-13984 Next.js - Critical - Access bypass - SA-CONTRIB-2025-122

Permissive Cross-domain Security Policy with Untrusted Domains vulnerability in Drupal Next.Js allows Cross-Site Scripting XSS.This issue affects Next.Js: from 0.0.0 before 1.6.4, from 2.0.0 before 2.0.1...

0.00141EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/28 8:2 p.m.4 views

CVE-2025-13984

Permissive Cross-domain Security Policy with Untrusted Domains vulnerability in Drupal Next.Js allows Cross-Site Scripting XSS.This issue affects Next.Js: from 0.0.0 before 1.6.4, from 2.0.0 before 2.0.1...

5.9AI score0.00141EPSS
Exploits0References2Affected Software1
EUVD
EUVDadded 2026/01/28 8:2 p.m.4 views

EUVD-2025-206437

Permissive Cross-domain Security Policy with Untrusted Domains vulnerability in Drupal Next.Js allows Cross-Site Scripting XSS.This issue affects Next.Js: from 0.0.0 before 1.6.4, from 2.0.0 before 2.0.1...

6.1CVSS5.9AI score0.00141EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/28 8:2 p.m.4 views

CVE-2025-13983

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.44...

5.9AI score0.00136EPSS
Exploits0References2
EUVD
EUVDadded 2026/01/28 8:2 p.m.4 views

EUVD-2025-206438

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.44...

5.4CVSS5.9AI score0.00136EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/28 8:2 p.m.27 views

CVE-2025-13983 Tagify - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-121

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.44...

0.00136EPSS
Exploits0References1
CVE
CVEadded 2026/01/28 8:2 p.m.10 views

CVE-2025-13983

Summary of CVE-2025-13983 (Drupal Tagify XSS) A Cross-Site Scripting vulnerability affects the Drupal Tagify module, specifically Tagify up to version 1.2.43 (i.e., before 1.2.44). The root cause is improper neutralization of input during web page generation, which can allow attackers to inject s...

5.4CVSS5.9AI score0.00136EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/28 8:2 p.m.3 views

CVE-2025-13983 Tagify - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-121

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.44...

5.9AI score0.00136EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/28 8:1 p.m.30 views

CVE-2025-13982 Login Time Restriction - Moderately critical - Cross-Site Request Forgery - SA-CONTRIB-2025-120

Cross-Site Request Forgery CSRF vulnerability in Drupal Login Time Restriction allows Cross Site Request Forgery.This issue affects Login Time Restriction: from 0.0.0 before 1.0.3...

0.00135EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/28 8:1 p.m.4 views

CVE-2025-13982

Cross-Site Request Forgery CSRF vulnerability in Drupal Login Time Restriction allows Cross Site Request Forgery.This issue affects Login Time Restriction: from 0.0.0 before 1.0.3...

5.9AI score0.00135EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/01/28 8:1 p.m.2 views

CVE-2025-13982 Login Time Restriction - Moderately critical - Cross-Site Request Forgery - SA-CONTRIB-2025-120

Cross-Site Request Forgery CSRF vulnerability in Drupal Login Time Restriction allows Cross Site Request Forgery.This issue affects Login Time Restriction: from 0.0.0 before 1.0.3...

5.9AI score0.00135EPSS
Exploits0References1
CVE
CVEadded 2026/01/28 8:1 p.m.11 views

CVE-2025-13982

CVE-2025-13982 describes a CSRF vulnerability in the Drupal Login Time Restriction module. Affected are versions prior to 1.0.3, where the module does not sufficiently protect its confirmation/logout routes from CSRF. Impact: an attacker could perform actions on behalf of authenticated users. Rem...

8.1CVSS5.9AI score0.00135EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2026/01/28 8:1 p.m.2 views

EUVD-2025-206439

Cross-Site Request Forgery CSRF vulnerability in Drupal Login Time Restriction allows Cross Site Request Forgery.This issue affects Login Time Restriction: from 0.0.0 before 1.0.3...

8.1CVSS5.9AI score0.00135EPSS
Exploits0References1
CVE
CVEadded 2026/01/28 8:1 p.m.9 views

CVE-2025-13981

CVE-2025-13981 describes a Cross-Site Scripting (XSS) vulnerability in the Drupal AI module (Artificial Intelligence) caused by improper neutralization of input during web page generation. Affected versions are: 0.0.0 before 1.0.7, 1.1.0 before 1.1.7, and 1.2.0 before 1.2.4. The provided document...

4.4CVSS5.9AI score0.00118EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/28 8:1 p.m.4 views

CVE-2025-13981 AI (Artificial Intelligence) - Moderately critical - Cross-Site Scripting - SA-CONTRIB-2025-119

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AI Artificial Intelligence allows Cross-Site Scripting XSS.This issue affects AI Artificial Intelligence: from 0.0.0 before 1.0.7, from 1.1.0 before 1.1.7, from 1.2.0 before 1.2.4...

5.9AI score0.00118EPSS
Exploits0References1
EUVD
EUVDadded 2026/01/28 8:1 p.m.5 views

EUVD-2025-206440

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AI Artificial Intelligence allows Cross-Site Scripting XSS.This issue affects AI Artificial Intelligence: from 0.0.0 before 1.0.7, from 1.1.0 before 1.1.7, from 1.2.0 before 1.2.4...

4.4CVSS5.9AI score0.00118EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/28 8:1 p.m.4 views

CVE-2025-13981

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AI Artificial Intelligence allows Cross-Site Scripting XSS.This issue affects AI Artificial Intelligence: from 0.0.0 before 1.0.7, from 1.1.0 before 1.1.7, from 1.2.0 before 1.2.4...

5.9AI score0.00118EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder