Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how drupal compares to other vendors in security performance

View Risk Score →

Software

drupal
101
drupal drupal
85
drupal custom search module
2
drupal drupal project issue tracking
2
drupal professional theme
2
drupal views
2
drupal asin field module
1
drupal browser back button
1
drupal devel module
1
drupal doubleclick for publishers
1
drupal drupal core
1
drupal drupal e-commerce module
1
drupal drupal easylinks module
1
drupal e-commerce module
1
drupal fullname field for cck
1
drupal invite module
1
drupal link module
1
drupal logintoboggan module
1
drupal maestro
1
drupal monster menus
1
drupal newsflash
1
drupal nivo slider
1
drupal node relativity module
1
drupal node view permissions
1
drupal pathauto module
1
drupal paypal node module
1
drupal petition node module
1
drupal print
1
drupal print module
1
drupal protected node module
1
drupal quiz
1
drupal simple multi step form
1
drupal single content sync
1
drupal skeleton theme
1
drupal taxonomy autotagger module
1
drupal taxonomy manager
1
drupal taxonomy theme module
1
drupal tinytax taxonomy block module
1
drupal token module
1
drupal trailscout module
1
drupal ubercart module
1
drupal zen
1
drupalisme tinybox
1

Drupal Node View PermissionsNode View Permissions - Moderately critical - Access bypass - SA-CONTRIB-2026-034

Risk 15
Severity
3.7
EPSS
0.03%
First published (updated )
CVE-2026-8491

Drupal Simple multi step formSimple multi step form - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-116

Risk 24
Severity
3.5
First published (updated )
CVE-2025-12761

composer/drupal/coreDrupal core - Moderately critical - Information disclosure - SA-CORE-2025-008

Risk 20
Severity
3.7
First published (updated )
CVE-2025-13083

Drupal Umami AnalyticsUmami Analytics - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-109

Risk 26
Severity
3.8
First published (updated )
CVE-2025-10931

Drupal Single Content SyncSingle Content Sync - Moderately critical - Access bypass - SA-CONTRIB-2025-060

Risk 13
Severity
3.1
EPSS
0.03%
First published (updated )
CVE-2025-48009
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Browser Back Button Project Browser Back Button DrupalBrowser Back Button - Moderately critical - Cross site scripting - SA-CONTRIB-2024-072

Risk 26
Severity
3.8
First published (updated )
CVE-2024-13308

Drupal POST FilePOST File - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-059

Risk 17
Severity
3.1
First published (updated )
CVE-2024-13293

Drupal DrupalDrupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password o…

Risk 18
Severity
3.5
First published (updated )
CVE-2015-2559

Drupal Organic Groups MenuThe Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal allows remote authenticated u…

Risk 18
Severity
3.5
First published (updated )
CVE-2014-8734

Drupal Custom Search moduleXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-8745
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Drupal Skeleton themeXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-8746

Drupal Doubleclick for PublishersXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-8748

Drupal Nivo SliderXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-8744

Drupal MaestroXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-8743

Drupal NewsFlashXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-8077
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Drupal TribuneXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-8075

Drupal PrintXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-8078

Drupal Professional themeXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-8076

Drupal ZenXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-7980

Drupal SimpleCorpXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-7979
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Drupal BlueMastersXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-7978

Drupal Custom Search moduleXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-7870

Drupal Context Form Alteration moduleXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2014-7869

Drupal DrupalXSS

Risk 13
Severity
2.1
First published (updated )
CVE-2014-5021

MediaFront MediaFrontXSS

Risk 13
Severity
2.1
First published (updated )
CVE-2013-4380
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Florian Weber SpacesThe Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 for Drupal does not properly del…

Risk 13
Severity
2.1
First published (updated )
CVE-2013-4498

Monster Menus Module Project Monster MenusThe Monster Menus module 7.x-1.x before 7.x-1.15 allows remote attackers to read arbitrary node comm…

Risk 15
Severity
2.6
First published (updated )
CVE-2013-4504

Dennis Bruecke Jquery CountdownXSS

Risk 13
Severity
2.1
First published (updated )
CVE-2013-4383

Drupal DrupalXSS

Risk 15
Severity
2.6
First published (updated )
CVE-2013-0244

Drupal DrupalXSS

Risk 13
Severity
2.1
First published (updated )
CVE-2013-6387
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203