Drupal Security Team

@[email protected]
476 Followers
5 Following
324 Posts
Republish Drupal Security Advisories & related news. Follow Drupal Security Team. Contact @greggles to get RT. DM & mentions not actively monitored. https://drupal.org/node/101494
Source of Advisorieshttps://www.drupal.org/security/
Drupal Security Team1d ago

Automated Logout - Moderately critical - Cross-site request forgery - SA-CONTRIB-2026-030

https://www.drupal.org/sa-contrib-2026-030

Drupal Security TeamMar 11

Unpublished Node Permissions - Critical - Access bypass - SA-CONTRIB-2026-029

https://www.drupal.org/sa-contrib-2026-029

Drupal Security TeamMar 11

AI (Artificial Intelligence) - Moderately critical - Information Disclosure - SA-CONTRIB-2026-028

https://www.drupal.org/sa-contrib-2026-028

Drupal Security TeamMar 4

OpenID Connect / OAuth client - Less critical - Access bypass - SA-CONTRIB-2026-027

https://www.drupal.org/sa-contrib-2026-027

Drupal Security TeamMar 4

OpenID Connect / OAuth client - Moderately critical - Access bypass - SA-CONTRIB-2026-026

https://www.drupal.org/sa-contrib-2026-026

Drupal Security TeamMar 4

OpenID Connect / OAuth client - Moderately critical - Server-side request forgery, Information disclosure - SA-CONTRIB-2026-025

https://www.drupal.org/sa-contrib-2026-025

Drupal Security TeamMar 4

RE: https://mastodon.social/@drupalinfra/116166360994376777

There is a delay in delivering emails announcing today's advisories due to the drupal.org data center migration. See below for more details.

Drupal Security TeamMar 4

Google Analytics GA4 - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-024

https://www.drupal.org/sa-contrib-2026-024

Drupal Security TeamMar 4

Calculation Fields - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-023

https://www.drupal.org/sa-contrib-2026-023

Drupal Security TeamMar 4

AJAX Dashboard - Critical - Access bypass - SA-CONTRIB-2026-022

https://www.drupal.org/sa-contrib-2026-022