CVE-2026-55803
N/A
N/A
Summary
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0., from 0.0.0 to 11.1..
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Drupal | Drupal core | 0.0.0 < 10.5.12 | affected |
| Drupal | Drupal core | 10.6.0 < 10.6.11 | affected |
| Drupal | Drupal core | 11.2.0 < 11.2.14 | affected |
| Drupal | Drupal core | 11.3.0 < 11.3.12 | affected |
| Drupal | Drupal core | 0.0.0 < 11.0.* | affected |
| Drupal | Drupal core | 0.0.0 < 11.1.* | affected |
Weaknesses
- CWE-915: CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.