CVE-2026-0945 | HackTesting

Privilege Defined With Unsafe Actions vulnerability in Drupal Role Delegation allows Privilege Escalation.This issue affects Role Delegation: from 1.3.0 before 1.5.0.

Credits

Drew Webber (mcdruid)

Adam Bramley (acbramley)

Dieter Holvoet (dieterholvoet)

Greg Knaddison (greggles)

Drew Webber (mcdruid)

Juraj Nemec (poker10)

References

https://www.drupal.org/sa-contrib-2026-002