CVE-2026-58590

Missing Authorization vulnerability in Drupal FlowDrop allows Forceful Browsing. This issue affects FlowDrop versions: from 0.0.0 to 1.6.0.
References
Link Resource
https://www.drupal.org/sa-contrib-2026-068 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:flowdrop_project:flowdrop:*:*:*:*:*:drupal:*:*

History

14 Jul 2026, 18:55

Type Values Removed Values Added
First Time Flowdrop Project flowdrop
Flowdrop Project
References () https://www.drupal.org/sa-contrib-2026-068 - () https://www.drupal.org/sa-contrib-2026-068 - Vendor Advisory
CPE cpe:2.3:a:flowdrop_project:flowdrop:*:*:*:*:*:drupal:*:*

13 Jul 2026, 18:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4

10 Jul 2026, 22:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-07-10 22:16

Updated : 2026-07-14 18:55


NVD link : CVE-2026-58590

Mitre link : CVE-2026-58590

CVE.ORG link : CVE-2026-58590


JSON object : View

Products Affected

flowdrop_project

  • flowdrop
CWE
CWE-862

Missing Authorization