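--- a/advisories/canvas/DRUPAL-CONTRIB-2026-065.json
+++ b/advisories/canvas/DRUPAL-CONTRIB-2026-065.json
@@ -0,0 +1,94 @@
+{
+"schema_version": "1.7.0",
+"id": "DRUPAL-CONTRIB-2026-065",
+"modified": "2026-07-01T17:20:16.000Z",
+"published": "2026-07-01T17:20:16.000Z",
+"aliases": [
+"CVE-2026-58587"
+],
+"details": "The Canvas AI submodule allows you to upload image files via a custom API to use within the AI web chat.\n\nThese file uploads are insufficiently validated before being written to Drupal's temporary directory. In some cases, this may lead to cross-site scripting (XSS).",
+"affected": [
+{
+"package": {
+"ecosystem": "Packagist:https://packages.drupal.org/8",
+"name": "drupal/canvas"
+},
+"severity": [],
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "0"
+},
+{
+"fixed": "1.4.2"
+}
+],
+"database_specific": {
+"constraint": "<1.4.2"
+}
+},
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "1.5.0"
+},
+{
+"fixed": "1.5.2"
+}
+],
+"database_specific": {
+"constraint": ">=1.5.0 <1.5.2"
+}
+},
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "1.6.0"
+},
+{
+"fixed": "1.6.1"
+}
+],
+"database_specific": {
+"constraint": ">=1.6.0 <1.6.1"
+}
+},
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "1.7.0"
+},
+{
+"fixed": "1.7.1"
+}
+],
+"database_specific": {
+"constraint": ">=1.7.0 <1.7.1"
+}
+}
+],
+"database_specific": {
+"affected_versions": "<1.4.2 || >=1.5.0 <1.5.2 || >=1.6.0 <1.6.1 || >=1.7.0 <1.7.1"
+}
+}
+],
+"references": [
+{
+"type": "WEB",
+"url": "https://www.drupal.org/sa-contrib-2026-065"
+}
+],
+"credits": [
+{
+"name": "AKHIL BABU (akhil babu)",
+"contact": [
+"https://www.drupal.org/u/akhil-babu"
+]
+}
+]
+}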
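Review bot: `"severity": []` inside the `affected` entry leaves CVE-2026-58587 unscored, so any consumer of this feed that ranks or filters by severity will treat an XSS-via-upload advisory as having no rating at all. If the linked SA publishes a risk score or CVSS vector, record it as a proper entry, e.g. `"severity": [{ "type": "CVSS_V3", "score": "<vector from the SA>" }]`; if it does not, omit the key rather than ship an empty array that reads as "assessed, none". The same empty `severity` appears in every advisory added by this PR, so whatever convention is chosen should be applied across all five.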
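--- a/advisories/canvas/DRUPAL-CONTRIB-2026-066.json
+++ b/advisories/canvas/DRUPAL-CONTRIB-2026-066.json
@@ -0,0 +1,94 @@
+{
+"schema_version": "1.7.0",
+"id": "DRUPAL-CONTRIB-2026-066",
+"modified": "2026-07-01T17:21:09.000Z",
+"published": "2026-07-01T17:21:09.000Z",
+"aliases": [
+"CVE-2026-58588"
+],
+"details": "The Canvas module allow you to upload image files via a custom API.\n\nThe validation rules check the file extension of the uploaded file but not the file MIME type. This may allow a malicious user to upload a file that is not an image.\n\nCertain web-server configurations may serve the uploaded file with its actual MIME type rather than an image type. This may lead to cross-site scripting (XSS) or other unexpected behavior.",
+"affected": [
+{
+"package": {
+"ecosystem": "Packagist:https://packages.drupal.org/8",
+"name": "drupal/canvas"
+},
+"severity": [],
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "0"
+},
+{
+"fixed": "1.4.2"
+}
+],
+"database_specific": {
+"constraint": "<1.4.2"
+}
+},
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "1.5.0"
+},
+{
+"fixed": "1.5.2"
+}
+],
+"database_specific": {
+"constraint": ">=1.5.0 <1.5.2"
+}
+},
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "1.6.0"
+},
+{
+"fixed": "1.6.1"
+}
+],
+"database_specific": {
+"constraint": ">=1.6.0 <1.6.1"
+}
+},
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "1.7.0"
+},
+{
+"fixed": "1.7.1"
+}
+],
+"database_specific": {
+"constraint": ">=1.7.0 <1.7.1"
+}
+}
+],
+"database_specific": {
+"affected_versions": "<1.4.2 || >=1.5.0 <1.5.2 || >=1.6.0 <1.6.1 || >=1.7.0 <1.7.1"
+}
+}
+],
+"references": [
+{
+"type": "WEB",
+"url": "https://www.drupal.org/sa-contrib-2026-066"
+}
+],
+"credits": [
+{
+"name": "Christian L\u00f3pez Esp\u00ednola (penyaskito)",
+"contact": [
+"https://www.drupal.org/u/penyaskito"
+]
+}
+]
+}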
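Review bot: The `details` string opens with `The Canvas module allow you to upload image files via a custom API.`, which has a subject–verb agreement error; it should read `The Canvas module allows you to upload image files via a custom API.` Advisory viewers render `details` verbatim, so the sentence will be reproduced by every mirror of this feed. If the text was copied from the SA, it is presumably wrong upstream as well and worth reporting there. The rest of the description correctly distinguishes the extension check from the missing MIME check, which is the security-relevant part and should stay as written.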
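--- a/advisories/colorbox/DRUPAL-CONTRIB-2026-069.json
+++ b/advisories/colorbox/DRUPAL-CONTRIB-2026-069.json
@@ -0,0 +1,66 @@
+{
+"schema_version": "1.7.0",
+"id": "DRUPAL-CONTRIB-2026-069",
+"modified": "2026-07-01T18:36:44.000Z",
+"published": "2026-07-01T17:24:05.000Z",
+"aliases": [
+"CVE-2026-58591"
+],
+"details": "The Colorbox module integrates with the Colorbox JavaScript library to display content in an overlay above the page.\n\nThe module doesn't sufficiently protect against injection of malicious JavaScript under certain scenarios.\n\nThis vulnerability is mitigated by the fact that an attacker must have a role that permits them to enter HTML content.",
+"affected": [
+{
+"package": {
+"ecosystem": "Packagist:https://packages.drupal.org/8",
+"name": "drupal/colorbox"
+},
+"severity": [],
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "0"
+},
+{
+"fixed": "2.1.5"
+}
+],
+"database_specific": {
+"constraint": "< 2.1.5"
+}
+},
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "2.2.0"
+},
+{
+"last_affected": "2.2.0"
+}
+],
+"database_specific": {
+"constraint": "2.2.0"
+}
+}
+],
+"database_specific": {
+"affected_versions": "< 2.1.5 || 2.2.0"
+}
+}
+],
+"references": [
+{
+"type": "WEB",
+"url": "https://www.drupal.org/sa-contrib-2026-069"
+}
+],
+"credits": [
+{
+"name": "Pierre Rudloff (prudloff)",
+"contact": [
+"https://www.drupal.org/u/prudloff"
+]
+}
+]
+}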
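Review bot: `"constraint": "< 2.1.5"` and `"affected_versions": "< 2.1.5 || 2.2.0"` put a space after the operator, while the other four advisories in this PR write the same kind of bound as `<1.4.2`; a lenient constraint parser will accept both, but anything that compares these `database_specific` strings textually or with a strict grammar will handle the colorbox entry differently from the rest. Normalize to `"constraint": "<2.1.5"` and `"affected_versions": "<2.1.5 || 2.2.0"`. Separately, the second range ends in `"last_affected": "2.2.0"` rather than `fixed`, which tells consumers that no patched 2.2.x release is known and that 2.2.0 users cannot resolve this by upgrading within the branch; if the SA does name a fixed 2.2.x release it should be recorded as a `fixed` event instead, and if it does not, a short `database_specific` note saying so would save readers a trip to the SA.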
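--- a/advisories/flowdrop/DRUPAL-CONTRIB-2026-067.json
+++ b/advisories/flowdrop/DRUPAL-CONTRIB-2026-067.json
@@ -0,0 +1,52 @@
+{
+"schema_version": "1.7.0",
+"id": "DRUPAL-CONTRIB-2026-067",
+"modified": "2026-07-01T17:21:57.000Z",
+"published": "2026-07-01T17:21:57.000Z",
+"aliases": [
+"CVE-2026-58589"
+],
+"details": "This module enables you to test and run AI-driven workflows interactively through a chat interface.\n\nThe module doesn't sufficiently enforce permissions on certain endpoints. Attackers may be able to trigger workflow execution (incurring LLM spend and tool side effects) or send messages into other user's sessions.\n\nThis vulnerability is mitigated by the fact that an attacker must have the permission \"View any session\", which is not granted to anonymous or authenticated users by default.",
+"affected": [
+{
+"package": {
+"ecosystem": "Packagist:https://packages.drupal.org/8",
+"name": "drupal/flowdrop"
+},
+"severity": [],
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "0"
+},
+{
+"fixed": "1.6.0"
+}
+],
+"database_specific": {
+"constraint": "<1.6.0"
+}
+}
+],
+"database_specific": {
+"affected_versions": "<1.6.0"
+}
+}
+],
+"references": [
+{
+"type": "WEB",
+"url": "https://www.drupal.org/sa-contrib-2026-067"
+}
+],
+"credits": [
+{
+"name": "Aincient Labs (aincient labs)",
+"contact": [
+"https://www.drupal.org/u/aincient-labs"
+]
+}
+]
+}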
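Review bot: The `details` string says attackers may `send messages into other user's sessions`; the impact is cross-user, so the possessive should be plural: `send messages into other users' sessions`. The same sentence is the one operators will read to decide urgency, and it is otherwise good — it names the two concrete consequences (LLM spend and tool side effects) rather than a generic "access bypass". The mitigation sentence correctly states the required "View any session" permission and its default grant, so readers can check their own role configuration against it without opening the SA.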
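--- a/advisories/flowdrop/DRUPAL-CONTRIB-2026-068.json
+++ b/advisories/flowdrop/DRUPAL-CONTRIB-2026-068.json
@@ -0,0 +1,52 @@
+{
+"schema_version": "1.7.0",
+"id": "DRUPAL-CONTRIB-2026-068",
+"modified": "2026-07-01T17:22:46.000Z",
+"published": "2026-07-01T17:22:46.000Z",
+"aliases": [
+"CVE-2026-58590"
+],
+"details": "This module enables you to test and run AI-driven workflows interactively through a chat interface.\n\nThe module doesn't sufficiently re-evaluate a human-in-the-loop approval gate where the workflow iterates more than once. This may result in execution of workflows that were not intended by the user.\n\nThis vulnerability is mitigated by the fact that an attacker must have a role with the permission \"Administer FlowDrop workflows\" (or the equivalent \"Create FlowDrop workflows\" / \"Edit FlowDrop workflows\" permissions).",
+"affected": [
+{
+"package": {
+"ecosystem": "Packagist:https://packages.drupal.org/8",
+"name": "drupal/flowdrop"
+},
+"severity": [],
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "0"
+},
+{
+"fixed": "1.6.0"
+}
+],
+"database_specific": {
+"constraint": "<1.6.0"
+}
+}
+],
+"database_specific": {
+"affected_versions": "<1.6.0"
+}
+}
+],
+"references": [
+{
+"type": "WEB",
+"url": "https://www.drupal.org/sa-contrib-2026-068"
+}
+],
+"credits": [
+{
+"name": "Aincient Labs (aincient labs)",
+"contact": [
+"https://www.drupal.org/u/aincient-labs"
+]
+}
+]
+}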
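Review bot: This advisory and DRUPAL-CONTRIB-2026-067 cover the same package (`drupal/flowdrop`) with the identical `<1.6.0` range and fix release, yet neither file references the other, so tooling that groups advisories by fix or by package cannot show them as a pair. OSV has a top-level field for exactly this; adding `"related": ["DRUPAL-CONTRIB-2026-067"]` here (and the reverse in 067) costs one line per file. The same applies to the two canvas advisories in this PR, which share all four fix releases. The `details` text itself is precise about the flaw — an approval gate evaluated once and not re-checked on later loop iterations — which is the detail an operator needs to judge whether their multi-step workflows are exposed.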