Lightnews — Scholar-powered news

Drupal Security Team

@drupalsecurity.bsky.social

700 followers 2 following 130 posts

Automatically post Drupal Security Advisories & related news. Follow Drupal Security Team.
@gknaddison.bsky.social
to get RT. DM & mentions not monitored. https://drupal.org/node/101494

Posts Replies Media Videos

Drupal Security Team

@drupalsecurity.bsky.social

Simple multi step form - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-116 Read post

November 5, 2025 at 6:11 PM

Drupal Security Team

@drupalsecurity.bsky.social

Email TFA - Moderately critical - Access bypass - SA-CONTRIB-2025-115 Read post

November 5, 2025 at 6:11 PM

Drupal Security Team

@drupalsecurity.bsky.social

Normal Drupal core security window rescheduled for November 12, 2025 due to DrupalCon - PSA-2025-11-03 Read post

November 3, 2025 at 3:44 PM

Drupal Security Team

@drupalsecurity.bsky.social

Simple OAuth (OAuth2) & OpenID Connect - Critical - Access bypass - SA-CONTRIB-2025-114 Read post

October 29, 2025 at 5:08 PM

Drupal Security Team

@drupalsecurity.bsky.social

CivicTheme Design System - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-113 Read post

October 22, 2025 at 5:08 PM

Drupal Security Team

@drupalsecurity.bsky.social

CivicTheme Design System - Moderately critical - Information disclosure - SA-CONTRIB-2025-112 Read post

October 22, 2025 at 5:08 PM

Drupal Security Team

@drupalsecurity.bsky.social

Reverse Proxy Header - Less critical - Access bypass - SA-CONTRIB-2025-111 Read post

September 24, 2025 at 5:36 PM

Drupal Security Team

@drupalsecurity.bsky.social

Currency - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-110 Read post

September 24, 2025 at 5:36 PM

Drupal Security Team

@drupalsecurity.bsky.social

Umami Analytics - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-109 Read post

September 24, 2025 at 5:36 PM

Drupal Security Team

@drupalsecurity.bsky.social

Access code - Moderately critical - Access bypass - SA-CONTRIB-2025-108 Read post

September 24, 2025 at 5:36 PM

Drupal Security Team

@drupalsecurity.bsky.social

Plausible tracking - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-107 Read post

September 24, 2025 at 5:21 PM

Drupal Security Team

@drupalsecurity.bsky.social

JSON Field - Critical - Cross Site Scripting - SA-CONTRIB-2025-106 Read post

September 24, 2025 at 5:21 PM

Drupal Security Team

@drupalsecurity.bsky.social

Third-Party Libraries and Supply Chains - PSA-2025-09-17 Read post

September 17, 2025 at 8:43 PM

Drupal Security Team

@drupalsecurity.bsky.social

Acquia DAM - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-105 Read post

September 3, 2025 at 5:07 PM

Drupal Security Team

@drupalsecurity.bsky.social

Owl Carousel 2 - Critical - Unsupported - SA-CONTRIB-2025-104 Read post

August 27, 2025 at 5:21 PM

Drupal Security Team

@drupalsecurity.bsky.social

API Key manager - Critical - Unsupported - SA-CONTRIB-2025-103 Read post

August 27, 2025 at 5:21 PM

Drupal Security Team

@drupalsecurity.bsky.social

Synchronize composer.json With Contrib Modules - Critical - Unsupported - SA-CONTRIB-2025-102 Read post

August 27, 2025 at 5:21 PM

Drupal Security Team

@drupalsecurity.bsky.social

Protected Pages - Moderately critical - Access bypass - SA-CONTRIB-2025-101 Read post

August 27, 2025 at 5:21 PM

Drupal Security Team

@drupalsecurity.bsky.social

Facets - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-100 Read post

August 27, 2025 at 5:21 PM

Drupal Security Team

@drupalsecurity.bsky.social

Facets - Moderately critical - Information Disclosure - SA-CONTRIB-2025-099 Read post

August 27, 2025 at 5:21 PM

Drupal Security Team

@drupalsecurity.bsky.social

Authenticator Login - Moderately critical - Access bypass - SA-CONTRIB-2025-098 Read post

August 27, 2025 at 5:21 PM

Drupal Security Team

@drupalsecurity.bsky.social

Layout Builder Advanced Permissions - Moderately critical - Access bypass - SA-CONTRIB-2025-097 Read post

August 13, 2025 at 5:44 PM

Drupal Security Team

@drupalsecurity.bsky.social

Authenticator Login - Highly critical - Access bypass - SA-CONTRIB-2025-096 Read post

August 13, 2025 at 5:44 PM

Drupal Security Team

@drupalsecurity.bsky.social

AI SEO Link Advisor - Less critical - Server-side Request Forgery - SA-CONTRIB-2025-095 Read post

August 6, 2025 at 5:29 PM

Drupal Security Team

@drupalsecurity.bsky.social

GoogleTag Manager - Moderately critical - Cross-site scripting - SA-CONTRIB-2025-094 Read post

July 30, 2025 at 5:28 PM

Light upyour news

Sign in to Lightnews

Sign up to start reading

Connect Bluesky

Connect with Bluesky

Light up
your news