๐Ÿ” CVE Alert

CVE-2026-3527

MEDIUM 6.5

AJAX Dashboard - Critical - Access bypass - SA-CONTRIB-2026-022

CVSS Score
6.5
EPSS Score
0.0%
EPSS Percentile
6th

Missing Authentication for Critical Function vulnerability in Drupal AJAX Dashboard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Dashboard: from 0.0.0 before 3.1.0.

CWE CWE-306
Vendor drupal
Product ajax dashboard
Ecosystems
Industries
WebMedia
Published Mar 26, 2026
Last Updated Mar 27, 2026
Stay Ahead of the Next One

Get instant alerts for drupal ajax dashboard

Be the first to know when new medium vulnerabilities affecting drupal ajax dashboard are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Drupal / AJAX Dashboard
0.0.0 < 3.1.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
drupal.org: https://www.drupal.org/sa-contrib-2026-022

Credits

Juraj Nemec (poker10) Michael Nolan (laboratory.mike) Bram Driesen (bramdriesen) Greg Knaddison (greggles) Juraj Nemec (poker10)