1
CVEs
0
Critical
0
High
0
KEV
0
PoC
0
Unpatched C/H
100.0%
Patch Rate
0.0%
Avg EPSS
Severity Breakdown
CRITICAL
0
HIGH
0
MEDIUM
1
LOW
0
Monthly CVE Trend
Affected Products (30)
PHP
14
Open Social
8
Miniorange 2fa
6
Artificial Intelligence
5
Deserialization
4
Two Factor Authentication
4
Cookies Consent Management
3
One Time Password
3
Paragraphs Table
2
Google Tag
2
Email Tfa
2
Node Access Rebuild Progressive
2
File Entity
2
Command Injection
2
Simple Klaro
2
Quick Node Block
2
AI / ML
2
Authenticator Login
2
Monster Menus
2
Post File
2
Entity Share
1
Protected Pages
1
Opigno Module
1
Learning Path
1
Diff
1
Single Content Sync
1
Toc.Js
1
Facets
1
Spamspan Filter
1
Dam
1
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-3212 | A Cross-Site Scripting (XSS) vulnerability exists in Drupal Tagify module versions prior to 1.2.49, stemming from improper neutralization of user input during web page generation. An attacker can inject malicious scripts that execute in the context of other users' browsers, potentially leading to session hijacking, credential theft, or malware distribution. This vulnerability affects all Tagify installations from version 0.0.0 through 1.2.48, and patch availability has been confirmed through the Drupal security advisory. | MEDIUM | 5.4 | 0.0% | 27 |
|