Vulnerabilities in Drupal
309 resultsCVE-2025-47701HIGHRestrict route by IP - Critical - Cross Site Request Forgery - SA-CONTRIB-2025-047EPSS 0.2%CVE-2024-13304MEDIUMMinify JS - Moderately critical - Cross site request forgery - SA-CONTRIB-2024-070EPSS 0.2%CVE-2026-3530MEDIUMOpenID Connect / OAuth client - Moderately critical - Server-side request forgery, Information disclosure - SA-CONTRIB-2026-025EPSS 0.2%CVE-2025-31680MEDIUMMatomo Analytics - Moderately critical - Cross site request forgery - SA-CONTRIB-2025-008EPSS 0.2%CVE-2025-31683MEDIUMGoogle Tag - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-012EPSS 0.2%CVE-2025-31684MEDIUMOAuth2 Client - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-013EPSS 0.2%CVE-2025-48921HIGHOpen Social - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-079EPSS 0.2%CVE-2026-1554MEDIUMCentral Authentication System (CAS) Server - Less critical - XML Element Injection - SA-CONTRIB-2026-007EPSS 0.2%CVE-2026-0946MEDIUMAT Internet SmartTag - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-003EPSS 0.1%CVE-2026-2349MEDIUMUI Icons - Critical - Cross-site Scripting - SA-CONTRIB-2026-010EPSS 0.1%CVE-2025-3131MEDIUMECA: Event - Condition - Action - Critical - Cross site request forgery - SA-CONTRIB-2025-031EPSS 0.1%CVE-2025-12761LOWSimple multi step form - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-116EPSS 0.1%CVE-2025-13979MEDIUMMini site - Moderately critical - Cross-Site Scripting - SA-CONTRIB-2025-117EPSS 0.1%CVE-2026-0947MEDIUMAT Internet Piano Analytics - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-004EPSS 0.1%CVE-2025-13984MEDIUMNext.js - Critical - Access bypass - SA-CONTRIB-2025-122EPSS 0.1%CVE-2024-13261LOWAcquia DAM - Moderately critical - Cross Site Request Forgery, Denial of Service - SA-CONTRIB-2024-025EPSS 0.1%CVE-2026-1553MEDIUMDrupal Canvas - Moderately critical - Access bypass - SA-CONTRIB-2026-006EPSS 0.1%CVE-2026-3212MEDIUMTagify - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-013EPSS 0.1%CVE-2026-2348MEDIUMQuick Edit - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-009EPSS 0.1%CVE-2025-13983MEDIUMTagify - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-121EPSS 0.1%