CVE-2026-1553

Description

Incorrect Authorization vulnerability in Drupal Drupal Canvas allows Forceful Browsing.This issue affects Drupal Canvas: from 0.0.0 before 1.0.4.

CVSS breakdown

Affected products

• Drupal / Drupal Canvas0.0.0 – 1.0.4

References

• MISChttps://www.drupal.org/sa-contrib-2026-006