CVE-2025-13081 – Drupal core – Moderately critical – Gadget chain – SA-CORE-2025-006

CVE ID : CVE-2025-13081

Published : Nov. 18, 2025, 4:54 p.m. | 10 minutes ago

Description : Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…