Known Vulnerabilities for Web Links by Drupal
Listed below are 10 of the newest known vulnerabilities associated with "Web Links" by "Drupal".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59923 json | Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, HTMLRenderer.safe_url() does not block percen... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-59887 json | linkify-it is a links recognition library with full Unicode support. Prior to 5.0.2, the mailto: schema validator used by .te... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-58374 json | In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association requ... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-57963 json | An attacker who can send HTML chat messages (via Matrix or XMPP) can inject arbitrary styled content, phishing links, and CSS... | Not Provided | 2026-07-01 | 2026-07-01 |
| CVE-2026-57345 json | Unauthenticated Cross Site Scripting (XSS) in Internal Links Manager <= 3.0.3 versions. | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-57020 json | An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networ... | Not Provided | 2026-07-09 | 2026-07-10 |
| CVE-2026-56332 json | Capgo before 12.128.2 contains an open redirect vulnerability in the confirm-signup endpoint that allows attackers to redirec... | Not Provided | 2026-06-20 | 2026-06-22 |
| CVE-2026-56312 json | Capgo before 12.128.2 contains an improper validation vulnerability in the accept_invitation endpoint that creates user accou... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-56224 json | Capgo console.capgo.app/login before 12.128.2 accepts access_token and refresh_token in URL query parameters, automatically a... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-54352 json | Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/process-zip` at packages/server/src/api/routes/... | Not Provided | 2026-06-26 | 2026-06-27 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Drupal | Web Links | 7.x-1.0 | |||
| Application | Drupal | Web Links | 7.x-1.0 | |||
| Application | Drupal | Web Links | 7.x-1.0 | |||
| Application | Drupal | Web Links | 7.x | |||
| Application | Drupal | Web Links | 6.x-2.6 | |||
| Application | Drupal | Web Links | 6.x-2.5 | |||
| Application | Drupal | Web Links | 6.x-2.4 | |||
| Application | Drupal | Web Links | 6.x-2.3 | |||
| Application | Drupal | Web Links | 6.x-2.2 | |||
| Application | Drupal | Web Links | 6.x-2.1 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 | |||
| Application | Drupal | Web Links | 6.x-2.0 |