API Key Management Vulnerability in Drupal
CVE-2025-9553

5.3MEDIUM

Key Information:

Vendor: Drupal
Status: Api Key Manager
Vendor: CVE Published:; 10 October 2025

What is CVE-2025-9553?

A vulnerability exists within the API Key Manager of Drupal that could potentially allow unauthorized access to sensitive information or unauthorized actions. This flaw affects versions of the API Key Manager and emphasizes the need for timely updates and security assessments to mitigate risks associated with improper key management practices.

Affected Version(s)

API Key manager *.*

References

https://www.drupal.org/sa-contrib-2025-103

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2025
Vulnerability Reserved
Aug 27, 2025

JSON