Where
-Infinity
0

Trending

Last week
Last month
Last year

Drupal DrupalSQL Injection

Risk 46
Severity
9
First published (updated )
Advisory
SA-CORE-2026-004

Drupal Drupal CoreDrupal core - Moderately critical - Cross-site scripting - SA-CORE-2026-003

Risk 38
Severity
6.1
First published (updated )
CVE-2026-6367

Drupal DrupalDrupal core - Moderately critical - Gadget Chain - SA-CORE-2026-002

Risk 61
Severity
6.6
First published (updated )
CVE-2026-6366

Drupal DrupalDrupal core - Critical - Cross-site scripting - SA-CORE-2026-001

Risk 38
Severity
6.1
First published (updated )
CVE-2026-6365

Drupal DrupalDrupal 11.3 comes with support for completing entity suggestions whilst adding a link to CKEditor 5.…

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2026-003
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Drupal DrupalXSS

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2026-001

Drupal DrupalSQL Injection

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2026-002

Drupal Drupal 11.3End of life details

EOL
Dec 16, 2026
Support Ends
Jun 16, 2026
First published (updated )
EOL-drupal-11.3

Drupal Drupal 10.6End of life details

EOL
Dec 16, 2026
Support Ends
Jun 16, 2026
First published (updated )
EOL-drupal-10.6

composer/drupal/coreDrupal core - Moderately critical - Information disclosure - SA-CORE-2025-008

Risk 20
Severity
3.7
First published (updated )
CVE-2025-13083
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

composer/drupal/coreDrupal core - Moderately critical - Gadget chain - SA-CORE-2025-006

Risk 45
Severity
5.9
First published (updated )
CVE-2025-13081

Drupal DrupalThe core system module handles downloads of private and temporary files. Contrib modules can define …

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2025-008

Drupal DrupalBy generating and tricking a user into visiting a malicious URL, an attacker can perform site deface…

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2025-007

Drupal DrupalDrupal core contains a chain of methods that is exploitable when an insecure deserialization vulnera…

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2025-006

Drupal DrupalDrupal Core has a rarely used feature, provided by an underlying library, which allows certain attri…

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2025-005
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Drupal Drupal 10.5Out of support

EOL
Jun 17, 2026
Support Ends
Dec 17, 2025
First published (updated )
EOL-drupal-10.5

Drupal Drupal 11.2Out of support

EOL
Jun 17, 2026
Support Ends
Dec 10, 2025
First published (updated )
EOL-drupal-11.2

composer/drupal/coreDrupal core - Moderately critical - Cross Site Scripting - SA-CORE-2025-004

Risk 25
Severity
5.4
EPSS
0.04%
First published (updated )
CVE-2025-31675

Drupal DrupalXSS

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2025-004

Drupal DrupalDrupal core contains a potential PHP Object Injection vulnerability that (if combined with another e…

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2025-003
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Drupal DrupalXSS

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2025-001

Drupal DrupalBulk operations allow authorized users to modify several nodes at once from the Content page (/admin…

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2025-002

Drupal Drupal 11.1Reached end of life

EOL
Dec 10, 2025
Support Ends
Jun 18, 2025
First published (updated )
EOL-drupal-11.1

Drupal Drupal 11.1Reached end of life

EOL
Dec 10, 2025
Support Ends
Jun 18, 2025
First published (updated )
latest-version-drupal-11.1

Drupal Drupal 10.4Reached end of life

EOL
Dec 10, 2025
Support Ends
Jun 18, 2025
First published (updated )
latest-version-drupal-10.4
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Drupal Drupal 10.4Reached end of life

EOL
Dec 10, 2025
Support Ends
Jun 18, 2025
First published (updated )
EOL-drupal-10.4

Drupal DrupalDrupal's uniqueness checking for certain user fields is inconsistent depending on the database engin…

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2024-004

Drupal DrupalDrupal core contains a potential PHP Object Injection vulnerability that (if combined with another e…

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2024-007

Drupal DrupalDrupal 7 core's Overlay module doesn't safely handle user input, leading to reflected cross-site scr…

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2024-005

Drupal DrupalDrupal core contains a potential PHP Object Injection vulnerability that (if combined with another e…

Risk 42
Severity
9
First published (updated )
Advisory
SA-CORE-2024-006
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203