Missing Authorization in FlowDrop Affects Drupal Products
CVE-2026-58589
Currently unrated
What is CVE-2026-58589?
A missing authorization vulnerability in FlowDrop can potentially allow attackers to bypass security controls, leading to unauthenticated access to restricted areas of the application. This impacts users running FlowDrop versions from 0.0.0 to 1.6.0, enabling forceful browsing, which poses significant security risks.
Affected Version(s)
FlowDrop 0.0.0 < 1.6.0
