Improper Modification Vulnerability in Plotly.js Graphing by Drupal
CVE-2026-55810

Currently unrated

Key Information:

Vendor

Drupal

Vendor
CVE Published:
10 July 2026

What is CVE-2026-55810?

An improper modification vulnerability exists in Plotly.js Graphing, which can lead to object injection. This flaw allows attackers to manipulate dynamically determined object attributes, potentially compromising the integrity of the application and exposing sensitive data. Users of Plotly.js Graphing versions ranging from 0.0.0 to 3.0.2 are urged to review their installations and implement necessary security measures to mitigate the risk.

Affected Version(s)

Plotly.js Graphing 0.0.0 < 3.0.2

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Drew Webber (mcdruid)
Stephen Mustgrave (smustgrave)
Greg Knaddison (greggles)
Drew Webber (mcdruid)
Jess (xjm)
.