๐Ÿ” CVE Alert

CVE-2026-13239

MEDIUM 6.5

WissKI - Critical - Access bypass - SA-CONTRIB-2026-059

CVSS Score
6.5
EPSS Score
0.1%
EPSS Percentile
3th

Missing Authorization vulnerability in Drupal WissKI allows Forceful Browsing. This issue affects WissKI versions: from 0.0.0 to 4.2.0.

CWE CWE-862
Vendor drupal
Product wisski
Ecosystems
Industries
WebMedia
Published Jul 10, 2026
Last Updated Jul 13, 2026
Stay Ahead of the Next One

Get instant alerts for drupal wisski

Be the first to know when new medium vulnerabilities affecting drupal wisski are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Drupal / WissKI
0.0.0 < 4.2.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
drupal.org: https://www.drupal.org/sa-contrib-2026-059

Credits

Drew Webber (mcdruid) knurg cilefen (cilefen) Greg Knaddison (greggles) Drew Webber (mcdruid) Juraj Nemec (poker10)