CVE-2026-3525
The CVE-2026-3525 issue affects Drupal File Access Fix (deprecated) prior to version 1.2.0. The root cause is an incorrect authorization check that enables forceful browsing, potentially permitting access to sensitive files or resources. Red Hat and ENISA entries describe an improper file access ...