CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-58590

mediumcovered by 2 sourcesfirst seen 2026-07-02
A remote, authenticated attacker can exploit multiple vulnerabilities in Drupal to conduct a cross-site scripting attack, bypass security measures, and manipulate data.

CSIRTS triage

What
Multiple vulnerabilities could allow a remote, authenticated attacker to exploit the system.
Who is affected
Users of Drupal Extensions.
Urgency
The urgency is medium, as the vulnerabilities could lead to significant security issues.
Action
Review the vendor advisory and apply necessary updates.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-58590

Get an email if CVE-2026-58590 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Advisory coverage (2)

External references

NVD record for CVE-2026-58590

CVE.org record

Embed the live status

CVE-2026-58590 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-58590 status](https://www.csirts.com/badge/CVE-2026-58590)](https://www.csirts.com/cve/CVE-2026-58590)