CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-58591

mediumcovered by 2 sourcesfirst seen 2026-07-02
A remote, authenticated attacker can exploit multiple vulnerabilities in Drupal to conduct a cross-site scripting attack, bypass security measures, and manipulate data.

CSIRTS triage

What
Multiple vulnerabilities could allow a remote, authenticated attacker to exploit the system.
Who is affected
Users of Drupal Extensions.
Urgency
The urgency is medium, as the vulnerabilities could lead to significant security issues.
Action
Review the vendor advisory and apply necessary updates.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-58591

Get an email if CVE-2026-58591 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Advisory coverage (2)

External references

NVD record for CVE-2026-58591

CVE.org record

Embed the live status

CVE-2026-58591 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-58591 status](https://www.csirts.com/badge/CVE-2026-58591)](https://www.csirts.com/cve/CVE-2026-58591)