Republish Drupal Security Advisories & related news. Follow Drupal Security Team. @mlh407 to get RT. DM & mentions not monitored. drupal.org/node/101494

Joined April 2009
Drupal Security Advisory content is automatically posted to other social/feed services like bsky.app/profile/drupalsecur… and drupal.community/@drupalsecu…

Drupal core - Highly critical - SQL injection - SA-CORE-2026-004 read more at drupal.org/sa-core-2026-004
The Drupal Security Team estimates that up to 5% of Drupal sites may be vulnerable to this highly critical issue. Furthermore, a majority of Drupal sites may also be affected by the Symfony and Twig security advisories published today, so all sites should update soon.
Drupal-related security releases today include those referenced below. You can start updating dependencies from Symfony and doing testing steps now.
During the last few weeks, the #Symfony core team has been hard at work fixing a long list of vulnerabilities for both #Symfony and #Twig. Today, we're publishing that work in the biggest security patch releases ever. Bear with us and wish us luck 🍀
Upcoming highly critical release on May 20, 2026 - PSA-2026-05-18 Read more: drupal.org/psa-2026-05-18
Site owners are encouraged to get their sites ready for a release of Drupal core that may affect them. Site owners should make upgrades easier (e.g. update to the most recent release, improve deployment automation, improve automated testing) given the current security climate.
New Drupal core releases address XSS, access bypass, and a gadget chain hardening. The XSS issue is protected by the Drupal Steward service. Details on all 3 issues available at drupal.org/sa-core-2025-001 drupal.org/sa-core-2025-002 drupal.org/sa-core-2025-003
Drupal core - Moderately critical - Improper error handling - SA-CORE-2024-002 drupal.org/sa-core-2024-002 Only Drupal 10.0 through 10.2 are affected.
Smart IP Ban - Critical - Access bypass - SA-CONTRIB-2024-041 dlvr.it/TDP7b6
File Entity (fieldable files) - Moderately critical - Information Disclosure - SA-CONTRIB-2024-040 dlvr.it/TD6pWt
Security Kit - Less critical - Denial of Service - SA-CONTRIB-2024-039 dlvr.it/TD6pWK
Open Social - Moderately critical - Denial of Service - SA-CONTRIB-2024-038 dlvr.it/TCqRyz
Open Social - Moderately critical - Cross Site Scripting, Denial of Service - SA-CONTRIB-2024-037 dlvr.it/TCqRyZ
Paragraphs table - Critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-036 dlvr.it/TCqRyR
Content Entity Clone - Moderately critical - Information Disclosure - SA-CONTRIB-2024-035 dlvr.it/TCqRyP
Freelinking - Moderately critical - Information Disclosure - SA-CONTRIB-2024-034 dlvr.it/TCqRy2
Advanced Varnish - Moderately critical - Access bypass - SA-CONTRIB-2024-033 dlvr.it/TCVC0z
Opigno - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-032 dlvr.it/TCCBYl
Opigno TinCan Question Type - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-031 dlvr.it/TCCBYd