Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
94 changes: 94 additions & 0 deletions advisories/core/DRUPAL-CORE-2026-001.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,94 @@
{
"schema_version": "1.7.0",
"id": "DRUPAL-CORE-2026-001",
"modified": "2026-04-15T19:24:30.000Z",
"published": "2026-04-15T19:24:30.000Z",
"aliases": [
"CVE-2026-6365"
],
"details": "Drupal core's jQuery integration for AJAX modal dialog boxes does not sufficiently sanitize certain options, which which can lead to a cross-site scripting (XSS) vulnerability.",
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "drupal/core"
},
"severity": [],
"ranges": [
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "8.0.0"
},
{
"fixed": "10.5.9"
}
],
"database_specific": {
"constraint": ">= 8.0.0 < 10.5.9"
}
},
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "10.6.0"
},
{
"fixed": "10.6.7"
}
],
"database_specific": {
"constraint": ">= 10.6.0 < 10.6.7"
}
},
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "11.0.0"
},
{
"fixed": "11.2.11"
}
],
"database_specific": {
"constraint": ">= 11.0.0 < 11.2.11"
}
},
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "11.3.0"
},
{
"fixed": "11.3.7"
}
],
"database_specific": {
"constraint": ">= 11.3.0 < 11.3.7"
}
}
],
"database_specific": {
"affected_versions": ">= 8.0.0 < 10.5.9 || >= 10.6.0 < 10.6.7 || >= 11.0.0 < 11.2.11 || >= 11.3.0 < 11.3.7"
}
}
],
"references": [
{
"type": "WEB",
"url": "https://www.drupal.org/sa-core-2026-001"
}
],
"credits": [
{
"name": "Murat Keki\u00e7 (murat_kekic)",
"contact": [
"https://www.drupal.org/u/murat_kekic"
]
}
]
}
106 changes: 106 additions & 0 deletions advisories/core/DRUPAL-CORE-2026-002.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,106 @@
{
"schema_version": "1.7.0",
"id": "DRUPAL-CORE-2026-002",
"modified": "2026-04-15T19:25:23.000Z",
"published": "2026-04-15T19:25:23.000Z",
"aliases": [
"CVE-2026-6366"
],
"details": "Drupal core contains a chain of methods that could be exploitable when an insecure deserialization vulnerability exists on the site. This so-called \"gadget chain\" presents no direct threat, but is a vector that can be used to achieve remote code execution or SQL injection if the application deserializes untrusted data due to another vulnerability.\n\nThis issue is not directly exploitable.\n\nThis issue is mitigated by the fact that in order for it to be exploitable, a separate vulnerability must be present to allow an attacker to pass unsafe input to `unserialize()`. There are no such known exploits in Drupal core.",
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "drupal/core"
},
"severity": [],
"ranges": [
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "8.0.0"
},
{
"fixed": "10.5.9"
}
],
"database_specific": {
"constraint": ">= 8.0.0 < 10.5.9"
}
},
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "10.6.0"
},
{
"fixed": "10.6.7"
}
],
"database_specific": {
"constraint": ">= 10.6.0 < 10.6.7"
}
},
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "11.0.0"
},
{
"fixed": "11.2.11"
}
],
"database_specific": {
"constraint": ">= 11.0.0 < 11.2.11"
}
},
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "11.3.0"
},
{
"fixed": "11.3.7"
}
],
"database_specific": {
"constraint": ">= 11.3.0 < 11.3.7"
}
}
],
"database_specific": {
"affected_versions": ">= 8.0.0 < 10.5.9 || >= 10.6.0 < 10.6.7 || >= 11.0.0 < 11.2.11 || >= 11.3.0 < 11.3.7"
}
}
],
"references": [
{
"type": "WEB",
"url": "https://www.drupal.org/sa-core-2026-002"
}
],
"credits": [
{
"name": "Truong Le (hswww)",
"contact": [
"https://www.drupal.org/u/hswww"
]
},
{
"name": "menon",
"contact": [
"https://www.drupal.org/u/menon"
]
},
{
"name": "t-chen",
"contact": [
"https://www.drupal.org/u/t-chen"
]
}
]
}
64 changes: 64 additions & 0 deletions advisories/core/DRUPAL-CORE-2026-003.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
{
"schema_version": "1.7.0",
"id": "DRUPAL-CORE-2026-003",
"modified": "2026-04-15T19:27:21.000Z",
"published": "2026-04-15T19:27:21.000Z",
"aliases": [
"CVE-2026-6367"
],
"details": "Drupal 11.3 comes with support for completing entity suggestions whilst adding a link to CKEditor 5.\n\nThe suggestions aren't sufficiently sanitized and a malicious user could trigger a stored cross site scripting attack against another user.",
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "drupal/core"
},
"severity": [],
"ranges": [
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "11.3.0"
},
{
"fixed": "11.3.7"
}
],
"database_specific": {
"constraint": ">= 11.3.0 < 11.3.7"
}
}
],
"database_specific": {
"affected_versions": ">= 11.3.0 < 11.3.7"
}
}
],
"references": [
{
"type": "WEB",
"url": "https://www.drupal.org/sa-core-2026-003"
}
],
"credits": [
{
"name": "Dries Buytaert (dries)",
"contact": [
"https://www.drupal.org/u/dries"
]
},
{
"name": "Shirsendu Mondal",
"contact": [
"https://www.drupal.org/u/shirsendu-mondal"
]
},
{
"name": "cantina_security",
"contact": [
"https://www.drupal.org/u/cantina_security"
]
}
]
}
6 changes: 4 additions & 2 deletions advisories/orejime/DRUPAL-CONTRIB-2026-032.json
Original file line number Diff line number Diff line change
@@ -1,9 +1,11 @@
{
"schema_version": "1.7.0",
"id": "DRUPAL-CONTRIB-2026-032",
"modified": "2026-04-08T16:09:54.000Z",
"modified": "2026-04-10T16:51:06.000Z",
"published": "2026-04-08T16:09:54.000Z",
"aliases": [],
"aliases": [
"CVE-2026-6095"
],
"details": "The IframeConsent element writes HTML attributes without escaping their value.\n\nThis module has a XSS vulnerability. If an attacker is able to write an `<iframe-consent>` tag, they may be able to insert arbitrary JavaScript.\n\nThis vulnerability is mitigated by the fact that a text format that allows `iframe-consent` HTML tags with alt attributes in the necessary option (*Enable JS Iframe consent*) must be enabled, and an attacker must have a role allowing the creation or modification of content in a field with text the format.",
"affected": [
{
Expand Down
Loading