πŸ” CVE Alert

CVE-2026-8491

LOW 3.7

Node View Permissions - Moderately critical - Access bypass - SA-CONTRIB-2026-034

CVSS Score
3.7
EPSS Score
0.0%
EPSS Percentile
3th

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing. This issue affects Node View Permissions: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.1.

CWE CWE-754
Vendor drupal
Product node view permissions
Ecosystems
Industries
WebMedia
Published May 19, 2026
Last Updated May 20, 2026
Stay Ahead of the Next One

Get instant alerts for drupal node view permissions

Be the first to know when new low vulnerabilities affecting drupal node view permissions are published β€” delivered to Slack, Telegram or Discord.

Get Free Alerts β†’ Free Β· No credit card Β· 60 sec setup

Affected Versions

Drupal / Node View Permissions
0.0.0 < 1.7.0 2.0.0 < 2.0.1

References

NVD β†— CVE.org β†— EPSS Data β†—
drupal.org: https://www.drupal.org/sa-contrib-2026-034

Credits

Adam Shepherd (adamps) BÑlint Nagy (nagy.balint) Greg Knaddison (greggles) Juraj Nemec (poker10)