Zero Day MonitorZDM

← Back to list

EST

PRE-CVEPATCHED

drupal · drupal core and contributed modules

Multiple vulnerabilities in Drupal core and contributed modules

72% confidence

Description

Multiple vulnerabilities affecting Drupal core and contributed modules including Plotly.js Graphing, Flag attendance field, and Formatter Field. Critical updates have been released to address these issues.

Affected Products

Vendor	Product	Versions
drupal	drupal core and contributed modules	Plotly.js Graphing versions prior to 3.0.2, Flag attendance field versions prior to 8.x-1.2, Formatter Field versions prior to 2.0.0

Related News (1 articles)

Tier B

CCCS Canada2h ago

Drupal security advisory (AV26-615)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available

3.0.2 for Plotly.js Graphing8.x-1.2 for Flag attendance field2.0.0 for Formatter Field

PublishedJun 18, 2026

Last enriched2h ago

Tags

multiple vulnerabilitiescritical updatedrupal coreplotly.jsflag attendance fieldformatter field

Trending Score30

Source articles1

Independent1

Info Completeness6/14

Missing: cve_id, cvss, epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-9082EXPKEV

Drupal core - Highly critical - SQL injection - SA-CORE-2026-004

CRITICALPRE-CVEEXP

Multiple Vulnerabilities in Various Drupal Extensions

CRITICALPRE-CVE

Critical Arbitrary PHP Code Execution in Drupal AlternativeCommerce (Basket)

NONECVE-2026-6816EXP

TFA Basic Plugins - Access Bypass

CRITICALCVE-2026-8495

Date iCal - Critical - Information disclosure - SA-CONTRIB-2026-037

Pin to Dashboard

Verification

State: reported

Confidence: 72%

Vulnerability Timeline

CVE Published

Jun 18, 2026

Patch Available

Jun 18, 2026

Discovered by ZDM

Jun 18, 2026