CVE-2026-10768
LocalGov Workflows - Moderately critical - Information disclosure - SA-CONTRIB-2026-039
CVSS Score
9.8
EPSS Score
0.1%
EPSS Percentile
4th
Missing Authorization vulnerability in Drupal LocalGov Workflows allows Forceful Browsing. This issue affects LocalGov Workflows versions: from 0.0.0 to 1.6.0.
| CWE | CWE-862 |
| Vendor | drupal |
| Product | localgov workflows |
| Ecosystems | |
| Industries | WebMedia |
| Published | Jul 10, 2026 |
| Last Updated | Jul 14, 2026 |
Stay Ahead of the Next One
Get instant alerts for drupal localgov workflows
Be the first to know when new critical vulnerabilities affecting drupal localgov workflows are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Drupal / LocalGov Workflows
0.0.0 < 1.6.0
Credits
Maria Young (maria.y) Finn Lewis (finn lewis) Rupert Jabelman (rupertj) Greg Knaddison (greggles) Dave Long (longwave) Juraj Nemec (poker10)