Drupal NVPerm Improper Check (CVE-2026-8491) Forceful Browsing <1.7.0, <2.0.1
CVE-2026-8491 Published on May 19, 2026

Node View Permissions - Moderately critical - Access bypass - SA-CONTRIB-2026-034
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing. This issue affects Node View Permissions: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.1.

NVD

Weakness Type

Improper Check for Unusual or Exceptional Conditions

The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.

Affected Versions

Drupal Node View Permissions:

Version 0.0.0 and below 1.7.0 is affected.
Version 2.0.0 and below 2.0.1 is affected.

Drupal NVPerm Improper Check (CVE-2026-8491) Forceful Browsing <1.7.0, <2.0.1CVE-2026-8491 Published on May 19, 2026

Weakness Type

Improper Check for Unusual or Exceptional Conditions

Affected Versions

Drupal NVPerm Improper Check (CVE-2026-8491) Forceful Browsing <1.7.0, <2.0.1
CVE-2026-8491 Published on May 19, 2026