Incorrect Authorization Vulnerability in Drupal AI Agents
CVE-2026-13237
Currently unrated
What is CVE-2026-13237?
An authorization flaw exists in the Drupal AI Agents that can lead to forceful browsing. This vulnerability affects multiple versions of AI Agents, allowing users to gain unauthorized access to resources that should be restricted. Affected users should update their installations to mitigate potential risks. For more details, see the official Drupal advisory.
Affected Version(s)
AI Agents 0.0.0 < 1.1.4
AI Agents 1.2.0 < 1.2.5
AI Agents 1.3.0 < 1.3.1
