Export limit exceeded: 366888 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (992 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-15086 1 Drupal 1 Raw Formatter [meta Tag Formatter] 2026-07-16 5.9 Medium
vulnerability in Drupal Raw Formatter [Meta Tag Formatter] allows . This issue affects Raw Formatter [Meta Tag Formatter] versions: *.*.
CVE-2026-10769 1 Drupal 1 Commerce Core 2026-07-15 5.4 Medium
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Commerce Core allows Stored XSS. This issue affects Commerce Core versions: from 3.3.0 to 3.3.6.
CVE-2026-11908 1 Drupal 1 Tagify 2026-07-15 5.4 Medium
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Tagify allows Stored XSS. This issue affects Tagify versions: from 0.0.0 to 1.2.52.
CVE-2026-15089 1 Drupal 1 Commerce Guest Registration 2026-07-15 9.1 Critical
vulnerability in Drupal Commerce guest registration allows . This issue affects Commerce guest registration versions: *.*.
CVE-2026-10770 1 Drupal 1 Anti-spam By Cleantalk 2026-07-14 6.1 Medium
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Anti-Spam by CleanTalk allows Reflected XSS. This issue affects Anti-Spam by CleanTalk versions: from 0.0.0 to 9.7.1.
CVE-2026-15087 1 Drupal 1 Clean Restful 2026-07-14 5.9 Medium
vulnerability in Drupal Clean RESTful allows . This issue affects Clean RESTful versions: *.*.
CVE-2026-11915 1 Drupal 1 Brute Force Attack Protection 2026-07-14 5.9 Medium
vulnerability in Drupal Brute force attack protection allows . This issue affects Brute force attack protection versions: *.*.
CVE-2026-11914 1 Drupal 1 Composer 2026-07-14 5.9 Medium
vulnerability in Drupal Composer allows . This issue affects Composer versions: *.*.
CVE-2026-11909 1 Drupal 1 Examples For Developers 2026-07-13 3.3 Low
Missing Authorization vulnerability in Drupal Examples for Developers allows Forceful Browsing. This issue affects Examples for Developers versions: from 0.0.0 to 4.0.6.
CVE-2026-11913 1 Drupal 1 Mother May I 2026-07-13 9.8 Critical
vulnerability in Drupal Mother May I allows . This issue affects Mother May I versions: *.*.
CVE-2026-13237 1 Drupal 1 Ai Agents 2026-07-13 4.8 Medium
Incorrect Authorization vulnerability in Drupal AI Agents allows Forceful Browsing. This issue affects AI Agents versions: from 0.0.0 to 1.1.4, from 1.2.0 to 1.2.5, from 1.3.0 to 1.3.1.
CVE-2026-13238 1 Drupal 1 Commerce Realex / Global Payments 2026-07-13 4.8 Medium
Incorrect Authorization vulnerability in Drupal Commerce Realex / Global Payments allows Forceful Browsing. This issue affects Commerce Realex / Global Payments versions: from 0.0.0 to 3.0.2.
CVE-2026-58588 1 Drupal 1 Drupal Canvas 2026-07-13 6.1 Medium
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting (XSS). This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1.
CVE-2026-58591 1 Drupal 1 Colorbox 2026-07-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Colorbox allows Cross-Site Scripting (XSS). This issue affects Colorbox versions: from 0.0.0 to 2.1.5, from 0.0.0 to 2.2.0.
CVE-2026-15082 1 Drupal 1 Siteimprove Analytics 2026-07-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Siteimprove Analytics allows Cross-Site Scripting (XSS). This issue affects Siteimprove Analytics versions: from 0.0.0 to 2.0.1.
CVE-2026-15083 1 Drupal 1 Eca:event - Condition - Action 2026-07-13 4.2 Medium
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal ECA: Event - Condition - Action allows Object Injection. This issue affects ECA: Event - Condition - Action versions: from 0.0.0 to 2.1.20, from 3.0.0 to 3.0.12, from 3.1.0 to 3.1.4.
CVE-2026-15084 1 Drupal 1 Ui Patterns (sdc In Drupal Ui) 2026-07-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal UI Patterns (SDC in Drupal UI) allows Stored XSS. This issue affects UI Patterns (SDC in Drupal UI) versions: from 2.0.0 to 2.0.17.
CVE-2026-15085 1 Drupal 1 Ai Seo/geo Analyzer 2026-07-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal AI SEO/GEO Analyzer allows Stored XSS. This issue affects AI SEO/GEO Analyzer versions: from 0.0.0 to 1.1.3.
CVE-2026-55803 1 Drupal 1 Drupal Core 2026-07-13 5.9 Medium
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0.*, from 0.0.0 to 11.1.*.
CVE-2026-55804 1 Drupal 1 Drupal Core 2026-07-13 5.9 Medium
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0.*, from 0.0.0 to 11.1.*.