CVE-2026-0944

EPSS 0.2%
Veröffentlicht 04.02.2026 20:25:17
Zuletzt bearbeitet 11.02.2026 19:19:44
Quelle mlhess@drupal.org
CVE-Watchlists
Login
Unerledigt
Login

Group invite - Moderately critical - Access bypass - SA-CONTRIB-2026-001

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Group invite allows Forceful Browsing.This issue affects Group invite: from 0.0.0 before 2.3.9, from 3.0.0 before 3.0.4, from 4.0.0 before 4.0.4.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

NVD 3 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Metadrop ≫ Group Invite SwPlatformdrupal Version < 2.3.9

Metadrop ≫ Group Invite SwPlatformdrupal Version >= 3.0.0 < 3.0.4

Metadrop ≫ Group Invite SwPlatformdrupal Version >= 4.0.0 < 4.0.4

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.2%	0.095

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://www.drupal.org/sa-contrib-2026-001

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-0944

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-0944

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-0944

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-0944