๐Ÿ” CVE Alert

CVE-2026-15079

MEDIUM 5.4

Login Disable - Moderately critical - Access bypass - SA-CONTRIB-2026-070

CVSS Score
5.4
EPSS Score
0.2%
EPSS Percentile
12th

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Login Disable allows Brute Force. This issue affects Login Disable versions: from 0.0.0 to 2.1.4.

CWE CWE-307
Vendor drupal
Product login disable
Ecosystems
Industries
WebMedia
Published Jul 10, 2026
Last Updated Jul 13, 2026
Stay Ahead of the Next One

Get instant alerts for drupal login disable

Be the first to know when new medium vulnerabilities affecting drupal login disable are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Drupal / Login Disable
0.0.0 < 2.1.4

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
drupal.org: https://www.drupal.org/sa-contrib-2026-070

Credits

Pierre Rudloff (prudloff) Boris Doesborg (batigolix) Greg Knaddison (greggles) Pierre Rudloff (prudloff)