Lucene search
K

6 matches found

CVE
CVE
added 2 days ago6 views

CVE-2026-15089

Technical details about CVE-2026-15089 are not provided in the supplied documents. No affected versions, root cause, or remediation are disclosed here. Monitor for updates from official advisories (Drupal SA) and CVE records.

6.1AI score0.00236EPSS
Exploits0References1
CVE
CVE
added 2 days ago15 views

CVE-2026-10770

CVE-2026-10770 affects the Drupal Anti-Spam by CleanTalk module (versions 0.0.0 through 9.7.1). The root cause is improper neutralization of input in web page generation, resulting in a Reflected XSS when rendering CleanTalk API responses in HTML. The issue is documented across multiple sources (...

6.1AI score0.00161EPSS
Exploits0References1
Drupal
Drupal
added 2026/06/10 12:0 a.m.9 views

Mother May I - Critical - Unsupported - SA-CONTRIB-2026-045

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...

5.2AI score0.00153EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/25 3:22 p.m.24 views

CVE-2026-3212 Tagify - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-013

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.49...

0.00136EPSS
Exploits0References1
Drupal
Drupal
added 2026/03/04 12:0 a.m.14 views

OpenID Connect / OAuth client - Moderately critical - Access bypass - SA-CONTRIB-2026-026

This module enables you to use an external OpenID Connect login provider to authenticate and log in users on your site. If a user signs in with a login provider for the first time on the website, a new Drupal user will be created. A visitor who successfully logs in to their Identity Provider and ...

6.5CVSS5.8AI score0.00246EPSS
Exploits0References2
Drupal
Drupal
added 2026/02/25 12:0 a.m.14 views

Anti-Spam by CleanTalk - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-014

This module enables you to block bots by Firewall. The module doesn't sufficiently sanitize user input leading to a reflected Cross-site scripting XSS vulnerability. This vulnerability is mitigated by the fact that the vulnerable functionality is only presented to users that are "challenged" or...

4.7CVSS5.3AI score0.00171EPSS
Exploits0References2
Rows per page
Query Builder