This page aggregates publicly disclosed CVE and security risk information related to drupal_canvas_project, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-3216 | Server-Side Request Forgery (SSRF) vulnerability in Drupal Drupal Canvas allows Server Side Request Forgery.This issue affects Drupal Canvas: from 0.0.0 before 1.1.1. | [email protected] | 5.0 | 0.03% | 2026-03-25 | 2026-03-31 |
| CVE-2026-1553 | Incorrect Authorization vulnerability in Drupal Drupal Canvas allows Forceful Browsing.This issue affects Drupal Canvas: from 0.0.0 before 1.0.4. | [email protected] | 4.8 | 0.05% | 2026-02-04 | 2026-02-11 |