Drupal Security Team
LightNews LightNews
drupalsecurity.bsky.social
Drupal Security Team
@drupalsecurity.bsky.social
700 followers 2 following 130 posts
Automatically post Drupal Security Advisories & related news. Follow Drupal Security Team.
@gknaddison.bsky.social
to get RT. DM & mentions not monitored. https://drupal.org/node/101494
Posts Replies Media Videos
drupalsecurity.bsky.social
Drupal core - Moderately critical - Defacement - SA-CORE-2025-007 Read post
November 13, 2025 at 1:03 AM
drupalsecurity.bsky.social
Drupal core - Moderately critical - Gadget chain - SA-CORE-2025-006 Read post
November 13, 2025 at 12:17 AM
drupalsecurity.bsky.social
Drupal core - Moderately critical - Denial of Service - SA-CORE-2025-005 Read post
November 13, 2025 at 12:17 AM
drupalsecurity.bsky.social
Drupal core - Moderately critical - Information disclosure - SA-CORE-2025-008 Read post
November 13, 2025 at 12:17 AM
drupalsecurity.bsky.social
Drupal core - Moderately critical - Defacement - SA-CORE-2025-007 Read post
November 13, 2025 at 12:17 AM
drupalsecurity.bsky.social
Simple multi step form - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-116 Read post
November 5, 2025 at 6:11 PM
drupalsecurity.bsky.social
Email TFA - Moderately critical - Access bypass - SA-CONTRIB-2025-115 Read post
November 5, 2025 at 6:11 PM
drupalsecurity.bsky.social
Normal Drupal core security window rescheduled for November 12, 2025 due to DrupalCon - PSA-2025-11-03 Read post
November 3, 2025 at 3:44 PM
drupalsecurity.bsky.social
Simple OAuth (OAuth2) & OpenID Connect - Critical - Access bypass - SA-CONTRIB-2025-114 Read post
October 29, 2025 at 5:08 PM
drupalsecurity.bsky.social
CivicTheme Design System - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-113 Read post
October 22, 2025 at 5:08 PM
drupalsecurity.bsky.social
CivicTheme Design System - Moderately critical - Information disclosure - SA-CONTRIB-2025-112 Read post
October 22, 2025 at 5:08 PM
drupalsecurity.bsky.social
Reverse Proxy Header - Less critical - Access bypass - SA-CONTRIB-2025-111 Read post
September 24, 2025 at 5:36 PM
drupalsecurity.bsky.social
Currency - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-110 Read post
September 24, 2025 at 5:36 PM
drupalsecurity.bsky.social
Umami Analytics - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-109 Read post
September 24, 2025 at 5:36 PM
drupalsecurity.bsky.social
Access code - Moderately critical - Access bypass - SA-CONTRIB-2025-108 Read post
September 24, 2025 at 5:36 PM
drupalsecurity.bsky.social
Plausible tracking - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-107 Read post
September 24, 2025 at 5:21 PM
drupalsecurity.bsky.social
JSON Field - Critical - Cross Site Scripting - SA-CONTRIB-2025-106 Read post
September 24, 2025 at 5:21 PM
drupalsecurity.bsky.social
Third-Party Libraries and Supply Chains - PSA-2025-09-17 Read post
September 17, 2025 at 8:43 PM
drupalsecurity.bsky.social
Acquia DAM - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-105 Read post
September 3, 2025 at 5:07 PM
drupalsecurity.bsky.social
Owl Carousel 2 - Critical - Unsupported - SA-CONTRIB-2025-104 Read post
August 27, 2025 at 5:21 PM
drupalsecurity.bsky.social
API Key manager - Critical - Unsupported - SA-CONTRIB-2025-103 Read post
August 27, 2025 at 5:21 PM
drupalsecurity.bsky.social
Synchronize composer.json With Contrib Modules - Critical - Unsupported - SA-CONTRIB-2025-102 Read post
August 27, 2025 at 5:21 PM
drupalsecurity.bsky.social
Protected Pages - Moderately critical - Access bypass - SA-CONTRIB-2025-101 Read post
August 27, 2025 at 5:21 PM
drupalsecurity.bsky.social
Facets - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-100 Read post
August 27, 2025 at 5:21 PM
drupalsecurity.bsky.social
Facets - Moderately critical - Information Disclosure - SA-CONTRIB-2025-099 Read post
August 27, 2025 at 5:21 PM