Drupal Latest High Vulnerabilities

File Extension Bypass Vulnerability in Drupal by Acquia

CVE-2024-13311

DrupalAllow All File Extensi...7.3HIGH

Drupal core - Critical - Cache poisoning - SA-CORE-2023-006

CVE-2023-5256

DrupalCore7.5HIGH

Improper Input Validation in Drupal Core Forms Affecting Custom Modules

CVE-2022-25273

DrupalCore7.5HIGH

File Upload Vulnerability in Drupal Core by Acquia

CVE-2022-25277

DrupalCore7.2HIGH

Access Control Flaw in Drupal Image Module

CVE-2022-25275

DrupalCore7.5HIGH

Improper Input Validation in Drupal Core's Form API Affecting User Data Security

CVE-2022-25271

DrupalCore7.5HIGH

Access Control Vulnerability in Drupal Core JSON:API by Drupal

CVE-2020-13677

DrupalCore7.5HIGH

Information Disclosure Vulnerability in Drupal Core File Module

CVE-2020-13670

DrupalCore7.5HIGH

Access Bypass Vulnerability in Drupal's JSON:API and REST/File Modules

CVE-2020-13675

DrupalCore9.8CRITICAL

CVE-2020-13663

DrupalDrupal Core8.8HIGH

CVE-2020-13664

DrupalDrupal Core8.8HIGH

CVE-2020-13665

DrupalDrupal Core9.8CRITICAL

CVE-2020-35191

DrupalDrupal Docker Images👾🟡9.8CRITICAL

CVE-2020-13671

DrupalDrupal Core👾🟡EPSS 67%🦅8.8HIGH

Drupal core - Critical - Access bypass - SA-CORE-2019-008

CVE-2019-6342

DrupalDrupal Core9.8CRITICAL

CVE-2011-2715

DrupalData-module9.8CRITICAL

CVE-2019-19826

DrupalViews Dynamic Field8.1HIGH

CVE-2011-2726

drupal coredrupal core7.5HIGH

CVE-2019-18856

DrupalSvg Sanitizer7.5HIGH

Drupal core - Highly critical - Remote Code Execution

CVE-2019-6340

DrupalDrupal Core👾🟡EPSS 97%🦅8.1HIGH

third-party PEAR Archive_Tar library updates

CVE-2019-6338

DrupalDrupal Core8HIGH

PHAR stream wrapper Arbitrary PHP code execution

CVE-2019-6339

DrupalDrupal Core👾🟡EPSS 71%9.8CRITICAL

REST API can bypass comment approval - Access Bypass - Moderately Critical

CVE-2017-6924

DrupalDrupal Core7.4HIGH

CVE-2017-6925

DrupalDrupal9.8CRITICAL

Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-004

CVE-2018-7602

DrupalCore💰👾🟡EPSS 97%🦅9.8CRITICAL

Drupal Latest High & Critical Vulnerabilities

Vulnerability Published:

Sort By:

9 January 2025

File Extension Bypass Vulnerability in Drupal by Acquia

28 September 2023

Drupal core - Critical - Cache poisoning - SA-CORE-2023-006

26 April 2023

Improper Input Validation in Drupal Core Forms Affecting Custom Modules

File Upload Vulnerability in Drupal Core by Acquia

Access Control Flaw in Drupal Image Module

16 February 2022

Improper Input Validation in Drupal Core's Form API Affecting User Data Security

11 February 2022

Access Control Vulnerability in Drupal Core JSON:API by Drupal

Information Disclosure Vulnerability in Drupal Core File Module

Access Bypass Vulnerability in Drupal's JSON:API and REST/File Modules

11 June 2021

5 May 2021

17 December 2020

20 November 2020

28 May 2020

Drupal core - Critical - Access bypass - SA-CORE-2019-008

14 January 2020

16 December 2019

15 November 2019

11 November 2019

21 February 2019

Drupal core - Highly critical - Remote Code Execution

22 January 2019

third-party PEAR Archive_Tar library updates

PHAR stream wrapper Arbitrary PHP code execution

15 January 2019

REST API can bypass comment approval - Access Bypass - Moderately Critical

19 July 2018

Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-004