CVE-2026-11909

Missing Authorization vulnerability in Drupal Examples for Developers allows Forceful Browsing. This issue affects Examples for Developers versions: from 0.0.0 to 4.0.6.

Credits

Pierre Rudloff (prudloff)
Alberto Paderno (avpaderno)
Pierre Rudloff (prudloff)
Greg Knaddison (greggles)
Juraj Nemec (poker10)

References