Drupal Security Advisories
The Drupal Security Team publishes advisories for Drupal core (SA-CORE) and contributed modules (SA-CONTRIB). Drupal powers a long tail of government and enterprise sites, and past core vulnerabilities (“Drupalgeddon”) saw mass exploitation within hours of disclosure.
CSIRTS.com ingests Drupal Security Advisories every 3 hours, normalizes each advisory into a common schema and cross-references every CVE against the CISA KEV catalog and public exploit datasets. Publishes SA-CORE and SA-CONTRIB security advisories. Also available via RSS, JSON API and the MCP server.