Security News

Access Bypass Vulnerabilities Patched in Drupal 8 (Security Week)
2017-08-17 06:08

A Drupal 8 security update released on Wednesday addresses several access bypass vulnerabilities affecting components such as views, the REST API and the entity access system. read more

Drupal Patches Three Vulnerabilities in Core Engine (Threatpost)
2017-06-22 16:22

Developers with Drupal patched three vulnerabilities, one critical, one being exploited in the wild, in Drupal’s core engine on Wednesday.

Drupal Patches Flaw Exploited in Spam Campaigns (Security Week)
2017-06-22 08:53

Drupal security updates released on Wednesday address several vulnerabilities, including one that has been exploited in spam campaigns. The flaw exploited in the wild, patched with the release of...

Drupal Closes Access Bypass Vulnerability in Core Engine (Threatpost)
2017-04-20 13:57

Drupal released a point update for its core engine to patch a critical access bypass vulnerability.

Drupal Patches Critical Access Bypass Flaw (SecurityWeek)
2017-04-20 07:33

Flaw in Drupal Module Exposes 120,000 Sites to Attacks (SecurityWeek)
2017-04-19 08:18

Several Vulnerabilities Patched in Drupal 8 (SecurityWeek)
2017-03-16 10:33

Drupal Fixes ‘Moderately Critical’ Vulnerabilities in Core Engine (Threatpost)
2016-11-18 18:56

Drupal fixed a handful of issues in version 7 and 8 of the content management system core engine that could have led to cache poisoning, social engineering attacks, and a denial of service condition.

Hello FNAME, this is the Obama-bot Drupal chat module speaking (The Register)
2016-10-17 11:06

Drupal patches multiple security flaws in core engine (ZDNet)
2016-09-23 09:35