449 matches found
EUVD-2026-16377
Incorrect Authorization vulnerability in Drupal File Access Fix deprecated allows Forceful Browsing.This issue affects File Access Fix deprecated: from 0.0.0 before 1.2.0...
CVE-2026-4933
Incorrect Authorization vulnerability in Drupal Unpublished Node Permissions allows Forceful Browsing.This issue affects Unpublished Node Permissions: from 0.0.0 before 1.7.0...
CVE-2026-3525
Incorrect Authorization vulnerability in Drupal File Access Fix deprecated allows Forceful Browsing.This issue affects File Access Fix deprecated: from 0.0.0 before 1.2.0...
CVE-2026-3526
Incorrect Authorization vulnerability in Drupal File Access Fix deprecated allows Forceful Browsing.This issue affects File Access Fix deprecated: from 0.0.0 before 1.2.0...
CVE-2026-4933
Incorrect Authorization vulnerability in Drupal Unpublished Node Permissions allows Forceful Browsing.This issue affects Unpublished Node Permissions: from 0.0.0 before 1.7.0...
CVE-2026-4933 Unpublished Node Permissions - Critical - Access bypass - SA-CONTRIB-2026-029
Incorrect Authorization vulnerability in Drupal Unpublished Node Permissions allows Forceful Browsing.This issue affects Unpublished Node Permissions: from 0.0.0 before 1.7.0...
CVE-2026-3526
CVE-2026-3526 affects the Drupal File Access Fix (deprecated) module. An incorrect authorization flaw can enable forceful browsing , potentially granting access to protected files. Affected: module versions prior to 1.2.0 . Root cause: access logic not consistently validated by the module that mo...
CVE-2026-3526
Incorrect Authorization vulnerability in Drupal File Access Fix deprecated allows Forceful Browsing.This issue affects File Access Fix deprecated: from 0.0.0 before 1.2.0...
CVE-2026-3526 File Access Fix (deprecated) - Moderately critical - Access bypass - SA-CONTRIB-2026-021
Incorrect Authorization vulnerability in Drupal File Access Fix deprecated allows Forceful Browsing.This issue affects File Access Fix deprecated: from 0.0.0 before 1.2.0...
CVE-2026-3525
Incorrect Authorization vulnerability in Drupal File Access Fix deprecated allows Forceful Browsing.This issue affects File Access Fix deprecated: from 0.0.0 before 1.2.0...
CVE-2026-3525 File Access Fix (deprecated) - Moderately critical - Access bypass - SA-CONTRIB-2026-020
Incorrect Authorization vulnerability in Drupal File Access Fix deprecated allows Forceful Browsing.This issue affects File Access Fix deprecated: from 0.0.0 before 1.2.0...
CVE-2026-3525
The CVE-2026-3525 issue affects Drupal File Access Fix (deprecated) prior to version 1.2.0. The root cause is an incorrect authorization check that enables forceful browsing, potentially permitting access to sensitive files or resources. Red Hat and ENISA entries describe an improper file access ...
CVE-2026-3525 File Access Fix (deprecated) - Moderately critical - Access bypass - SA-CONTRIB-2026-020
Incorrect Authorization vulnerability in Drupal File Access Fix deprecated allows Forceful Browsing.This issue affects File Access Fix deprecated: from 0.0.0 before 1.2.0...
CVE-2026-3210
Incorrect Authorization vulnerability in Drupal Material Icons allows Forceful Browsing.This issue affects Material Icons: from 0.0.0 before 2.0.4...
EUVD-2026-15465
Incorrect Authorization vulnerability in Drupal Material Icons allows Forceful Browsing.This issue affects Material Icons: from 0.0.0 before 2.0.4...
CVE-2026-3210
Incorrect Authorization vulnerability in Drupal Material Icons allows Forceful Browsing.This issue affects Material Icons: from 0.0.0 before 2.0.4...
CVE-2026-3210 Material Icons - Moderately critical - Access bypass - SA-CONTRIB-2026-011
Incorrect Authorization vulnerability in Drupal Material Icons allows Forceful Browsing.This issue affects Material Icons: from 0.0.0 before 2.0.4...
CVE-2026-3210
CVE-2026-3210 relates to an Incorrect Authorization vulnerability in the Drupal Material Icons module, allowing forceful browsing. Affected software: Drupal Material Icons versions prior to 2.0.4. Root cause: insufficiently restricted permissions on CKEditor-related routes (dialog and autocomplet...
CVE-2026-3210 Material Icons - Moderately critical - Access bypass - SA-CONTRIB-2026-011
Incorrect Authorization vulnerability in Drupal Material Icons allows Forceful Browsing.This issue affects Material Icons: from 0.0.0 before 2.0.4...
PT-2026-28676
Name of the Vulnerable Software and Affected Versions Drupal versions prior to 1.7.0 Description An incorrect authorization issue exists in Drupal’s Unpublished Node Permissions, allowing forceful browsing. The problem relates to inconsistent access control for unpublished translated nodes. The...