CVE-2026-13244
Tealium iQ Tag Management - Critical - PHP object injection - SA-CONTRIB-2026-064
CVSS Score
8.1
EPSS Score
0.4%
EPSS Percentile
34th
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Tealium iQ Tag Management allows Object Injection. This issue affects Tealium iQ Tag Management versions: from 0.0.0 to 2.4.0.
| CWE | CWE-915 |
| Vendor | drupal |
| Product | tealium iq tag management |
| Ecosystems | |
| Industries | WebMedia |
| Published | Jul 10, 2026 |
| Last Updated | Jul 13, 2026 |
Stay Ahead of the Next One
Get instant alerts for drupal tealium iq tag management
Be the first to know when new high vulnerabilities affecting drupal tealium iq tag management are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Drupal / Tealium iQ Tag Management
0.0.0 < 2.4.0
Credits
Drew Webber (mcdruid) Benji Fisher (benjifisher) Daniel Schiavone (schiavone) Benji Fisher (benjifisher) Bram Driesen (bramdriesen) Neil Drumm (drumm) Drew Webber (mcdruid) Juraj Nemec (poker10)