Drupal Canvas

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-1553 MEDIUM PATCH This Month

Improper authorization controls in Drupal Canvas versions before 1.0.4 enable attackers to bypass access restrictions and enumerate or access restricted resources through direct browsing. The vulnerability requires specific conditions to exploit (high attack complexity) but affects all unauthenticated users with network access. Currently, no patch is publicly available and exploitation activity has not been confirmed.

Drupal Drupal Canvas

NVD

CVSS 3.1

4.8

EPSS

0.0%

CVE-2026-1553

EPSS 0% CVSS 4.8

MEDIUM PATCH This Month

Improper authorization controls in Drupal Canvas versions before 1.0.4 enable attackers to bypass access restrictions and enumerate or access restricted resources through direct browsing. The vulnerability requires specific conditions to exploit (high attack complexity) but affects all unauthenticated users with network access. Currently, no patch is publicly available and exploitation activity has not been confirmed.

Drupal Drupal Canvas

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy