wid-sec-w-2026-1799 · Published 2026-06-04 · View on BSI CERT-Bund ↗

Drupal Erweiterungen: Multiple Vulnerabilities

CVSS N/A NONE

Risk Summary

Ein entfernter Angreifer kann mehrere Schwachstellen in verschiedenen Drupal Erweiterungen ausnutzen, um Daten zu manipulieren oder offenzulegen, sowie um Cross-Site Scripting Angriffe durchzuführen.

CVEs (4)

CVE-2026-10768 CVE-2026-10769 CVE-2026-10770 CVE-2026-49977

Affected Vendors

Open Source

Affected Products (8)

Open Source · Drupal LocalGov Workflows <1.6.0

Open Source · Drupal LocalGov Workflows 1.6.0

Open Source · Drupal TacJS <6.8

Open Source · Drupal TacJS 6.8

Open Source · Drupal Commerce Core <3.3.6

Open Source · Drupal Commerce Core 3.3.6

Open Source · Drupal Anti-Spam by CleanTalk <9.7.1

Open Source · Drupal Anti-Spam by CleanTalk 9.7.1

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more