PatchSiren cyber security CVE debrief
CVE-2026-55806 Drupal CVE debrief
CVE-2026-55806 is a URL Redirection to Untrusted Site vulnerability in Drupal Core. This issue allows Content Spoofing and affects multiple Drupal core versions. The vulnerability could potentially allow attackers to redirect users to untrusted sites, leading to phishing attacks or other malicious activities. Users of affected versions should prioritize updating to the latest version of Drupal core to mitigate this vulnerability.
- Vendor
- Drupal
- Product
- Drupal core
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-10
- Original CVE updated
- 2026-07-10
- Advisory published
- 2026-07-10
- Advisory updated
- 2026-07-10
Who should care
Users of Drupal core versions from 0.0.0 to 10.5.12, 10.6.0 to 10.6.11, 11.2.0 to 11.2.14, and 11.3.0 to 11.3.12 should be aware of this vulnerability and prioritize updating to the latest version of Drupal core to mitigate the risk of Content Spoofing attacks.
Technical summary
The vulnerability is described as a URL Redirection to Untrusted Site issue in Drupal Core, which could allow Content Spoofing. The affected versions are from 0.0.0 to 10.5.12, 10.6.0 to 10.6.11, 11.2.0 to 11.2.14, and 11.3.0 to 11.3.12. This vulnerability could potentially allow attackers to redirect users to untrusted sites, leading to phishing attacks or other malicious activities. Users of affected versions should prioritize updating to the latest version of Drupal core to mitigate this vulnerability. It is essential to review and update affected versions, monitor for potential Content Spoofing attempts, and confirm whether affected product deployments exist in managed environments.
Defensive priority
High priority should be given to updating Drupal core to the latest version due to the potential for Content Spoofing.
Recommended defensive actions
- Update Drupal core to the latest version
- Review and update affected versions
- Monitor for potential Content Spoofing attempts
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
Evidence notes
The CVE record was published on 2026-07-10T22:16:43.460Z and has not been modified since then. The NVD entry is currently in the 'Received' status. This information is based on the supplied source corpus and may not reflect the full scope or details of the vulnerability. Users should verify the information with the official CVE record and NVD entry for the most up-to-date and accurate information.
Official resources
-
CVE-2026-55806 CVE record
CVE.org
-
CVE-2026-55806 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-10T22:16:43.460Z and has not been modified since then. The NVD entry is currently in the 'Received' status.