Drupal

469 tracked vulnerabilities.

CVE-2025-13083 LOW
Drupal <10.4.9-11.2.8 - Info Disclosure
Nov 18, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-13082 MEDIUM
Drupal Drupal core <11.2.8 - Content Spoofing
Nov 18, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-13081 MEDIUM
Drupal < 10.4.9 - Insecure Deserialization
Nov 18, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-13080 MEDIUM
Drupal < 10.4.9 - Improper Condition Check
Nov 18, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-12761 LOW
Drupal Simple Multi Step Form <2.0.0 - XSS
Nov 18, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-12760 MEDIUM
Drupal Email TFA <2.0.6 - Auth Bypass
Nov 18, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-9954 HIGH
Acquia Dam < 1.1.5 - Missing Authorization
Oct 30, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-12466 HIGH
Simple Oauth < 6.0.7 - Authentication Bypass
Oct 30, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-12083 MEDIUM
Salsa.digital Civictheme Design System < 1.12.0 - XSS
Oct 30, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-12082 HIGH
Salsa.digital Civictheme Design System - Incorrect Authorization
Oct 30, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-10931 LOW
Umami Analytics < 1.0.1 - XSS
Oct 30, 2025
CVSS 3.8
EPSS 0.00
CVE-2025-10930 MEDIUM
2bits Currency < 8.x-3.5 - CSRF
Oct 30, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-10929 MEDIUM
Drupal Reverse Proxy Header <1.1.2 - Info Disclosure
Oct 30, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-10928 MEDIUM
Access Code < 2.0.5 - Brute Force
Oct 30, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-10927 MEDIUM
Plausible Tracking < 1.0.2 - XSS
Oct 30, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-10926 MEDIUM
Json Field < 8.x-1.5 - XSS
Oct 30, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-48915 HIGH
Drupal COOKiES Consent Mgmt <1.2.15 - XSS
Jun 13, 2025
CVSS 8.6
EPSS 0.00
CVE-2025-48914 HIGH
Drupal COOKiES Consent Mgmt <1.2.15 - XSS
Jun 13, 2025
CVSS 8.6
EPSS 0.00
CVE-2025-48448 MEDIUM
Drupal Admin Audit Trail <1.0.5 - Info Disclosure
Jun 11, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-48447 HIGH
Drupal Lightgallery <1.6.0 - XSS
Jun 11, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-48446 HIGH
Drupal Commerce Alphabank Redirect <1.0.3 - Auth Bypass
Jun 11, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-48445 HIGH
Drupal Commerce Eurobank (Redirect) <2.1.1 - Functionality Misuse
Jun 11, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-48444 MEDIUM
Drupal Quick Node Block <2.0.0 - Info Disclosure
Jun 11, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-48013 MEDIUM
Quick Node Block < 2.0.0 - Missing Authorization
Jun 11, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-3474 MEDIUM
Drupal Panels < 4.9 - Missing Authentication
Apr 09, 2025
CVSS 6.5
EPSS 0.00
Products
drupal 270 core 91 project_issue_tracking_module 6 core-recommended 6 print 5 project 4 everyblog 4 ubercart_module 4 ai 4 aggregation_module 4 drupal_project_issue_tracking 3 content_construction_kit 3 shindig-integrator 3 localization_client 2 logintoboggan_module 2 help_tip_module 2 civictheme 2 imce_module 2 quick_node_block 2 chatroom_module 2 artificial_intelligence 2 database_administration_module 2 custom_search_module 2 data 2 brilliant_gallery 2 google_tag 2 activity 2 cookies_consent_management 2 bibliography_module 2 ajax_checklist 2
Quick Filters
Critical CVEs With Exploits In CISA KEV