Drupal Composer Vulnerability Affecting Multiple Versions
CVE-2026-11914

Currently unrated

Key Information:

Vendor

Drupal

Status
Vendor
CVE Published:
10 July 2026

What is CVE-2026-11914?

A vulnerability has been identified in Drupal Composer that may allow unauthorized access or manipulation of Composer configurations. This flaw affects multiple versions of the product, necessitating immediate attention from users to ensure that their systems are secure and up to date. For detailed information on the issue and mitigation steps, refer to the official Drupal Security Advisory.

Affected Version(s)

Composer *.*

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.