Drupal Security Team
LightNews LightNews
drupalsecurity.bsky.social
Drupal Security Team
@drupalsecurity.bsky.social
700 followers 2 following 140 posts
Automatically post Drupal Security Advisories & related news. Follow Drupal Security Team.
@gknaddison.bsky.social
to get RT. DM & mentions not monitored. https://drupal.org/node/101494
Posts Replies Media Videos
drupalsecurity.bsky.social
HTTP Client Manager - Less critical - Information disclosure - SA-CONTRIB-2025-126 Read post
December 17, 2025 at 6:14 PM
drupalsecurity.bsky.social
Acquia Content Hub - Moderately critical - Cross-Site Request Forgery - SA-CONTRIB-2025-125 Read post
December 10, 2025 at 5:55 PM
drupalsecurity.bsky.social
Disable Login Page - Critical - Access bypass - SA-CONTRIB-2025-124 Read post
December 3, 2025 at 6:50 PM
drupalsecurity.bsky.social
Entity Share - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-123 Read post
December 3, 2025 at 6:50 PM
drupalsecurity.bsky.social
Next.js - Critical - Access bypass - SA-CONTRIB-2025-122 Read post
December 3, 2025 at 6:50 PM
drupalsecurity.bsky.social
Tagify - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-121 Read post
December 3, 2025 at 6:50 PM
drupalsecurity.bsky.social
Login Time Restriction - Moderately critical - Cross-Site Request Forgery - SA-CONTRIB-2025-120 Read post
December 3, 2025 at 6:50 PM
drupalsecurity.bsky.social
AI (Artificial Intelligence) - Moderately critical - Cross-Site Scripting - SA-CONTRIB-2025-119 Read post
December 3, 2025 at 6:50 PM
drupalsecurity.bsky.social
CKEditor 5 Premium Features - Moderately critical - Access bypass - SA-CONTRIB-2025-118 Read post
December 3, 2025 at 6:50 PM
drupalsecurity.bsky.social
Mini site - Moderately critical - Cross-Site Scripting - SA-CONTRIB-2025-117 Read post
December 3, 2025 at 6:50 PM
drupalsecurity.bsky.social
Drupal core - Moderately critical - Information disclosure - SA-CORE-2025-008 Read post
November 13, 2025 at 6:48 PM
drupalsecurity.bsky.social
Drupal core - Moderately critical - Defacement - SA-CORE-2025-007 Read post
November 13, 2025 at 1:03 AM
drupalsecurity.bsky.social
Drupal core - Moderately critical - Gadget chain - SA-CORE-2025-006 Read post
November 13, 2025 at 12:17 AM
drupalsecurity.bsky.social
Drupal core - Moderately critical - Denial of Service - SA-CORE-2025-005 Read post
November 13, 2025 at 12:17 AM
drupalsecurity.bsky.social
Drupal core - Moderately critical - Information disclosure - SA-CORE-2025-008 Read post
November 13, 2025 at 12:17 AM
drupalsecurity.bsky.social
Drupal core - Moderately critical - Defacement - SA-CORE-2025-007 Read post
November 13, 2025 at 12:17 AM
drupalsecurity.bsky.social
Simple multi step form - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-116 Read post
November 5, 2025 at 6:11 PM
drupalsecurity.bsky.social
Email TFA - Moderately critical - Access bypass - SA-CONTRIB-2025-115 Read post
November 5, 2025 at 6:11 PM
drupalsecurity.bsky.social
Normal Drupal core security window rescheduled for November 12, 2025 due to DrupalCon - PSA-2025-11-03 Read post
November 3, 2025 at 3:44 PM
drupalsecurity.bsky.social
Simple OAuth (OAuth2) & OpenID Connect - Critical - Access bypass - SA-CONTRIB-2025-114 Read post
October 29, 2025 at 5:08 PM
drupalsecurity.bsky.social
CivicTheme Design System - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-113 Read post
October 22, 2025 at 5:08 PM
drupalsecurity.bsky.social
CivicTheme Design System - Moderately critical - Information disclosure - SA-CONTRIB-2025-112 Read post
October 22, 2025 at 5:08 PM
drupalsecurity.bsky.social
Reverse Proxy Header - Less critical - Access bypass - SA-CONTRIB-2025-111 Read post
September 24, 2025 at 5:36 PM
drupalsecurity.bsky.social
Currency - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-110 Read post
September 24, 2025 at 5:36 PM
drupalsecurity.bsky.social
Umami Analytics - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-109 Read post
September 24, 2025 at 5:36 PM