Known Vulnerabilities for Web Links by Drupal
Listed below are 10 of the newest known vulnerabilities associated with "Web Links" by "Drupal".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-56332 json | Capgo before 12.128.2 contains an open redirect vulnerability in the confirm-signup endpoint that allows attackers to redirec... | Not Provided | 2026-06-20 | 2026-06-22 |
| CVE-2026-53841 json | OpenClaw before 2026.5.12 contains a cross-site scripting vulnerability in exported session HTML that preserves unsafe javasc... | Not Provided | 2026-06-16 | 2026-06-17 |
| CVE-2026-50635 json | LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optio... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2026-50226 json | Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IME... | Not Provided | 2026-06-04 | 2026-06-04 |
| CVE-2026-50178 json | The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. the client-side Angu... | Not Provided | 2026-06-22 | 2026-06-22 |
| CVE-2026-49757 json | Authentication Bypass by Spoofing vulnerability in team-alembic AshAuthentication allows account takeover of local users via ... | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-49492 json | Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a shell and does not validate... | Not Provided | 2026-06-05 | 2026-06-05 |
| CVE-2026-49248 json | OneDev is a Git server with CI/CD, kanban, and packages. In versions 15.0.6 and below, TarUtils.untar() creates symbolic link... | Not Provided | 2026-06-18 | 2026-06-22 |
| CVE-2026-49135 json | CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sen... | Not Provided | 2026-06-01 | 2026-06-02 |
| CVE-2026-48921 json | Jenkins Pipeline: Groovy Libraries Plugin 797.v90ea_a_9b_e45a_0 and earlier does not prohibit symbolic links in shared librar... | Not Provided | 2026-05-27 | 2026-05-27 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Drupal | Web Links | 7.x-1.0 | |||
| Application | Drupal | Web Links | 7.x-1.0 | |||
| Application | Drupal | Web Links | 7.x-1.0 | |||
| Application | Drupal | Web Links | 7.x | |||
| Application | Drupal | Web Links | 6.x-2.6 | |||
| Application | Drupal | Web Links | 6.x-2.5 | |||
| Application | Drupal | Web Links | 6.x-2.4 | |||
| Application | Drupal | Web Links | 6.x-2.3 | |||
| Application | Drupal | Web Links | 6.x-2.2 | |||
| Application | Drupal | Web Links | 6.x-2.1 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 |