Drupal Date iCal 0.0.04.0.15 Missing Auth for Forceful Browsing
CVE-2026-8495 Published on May 19, 2026

Date iCal - Critical - Information disclosure - SA-CONTRIB-2026-037
Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15.

NVD

Weakness Type

What is an AuthZ Vulnerability?

The software does not perform an authorization check when an actor attempts to access a resource or perform an action.

CVE-2026-8495 has been classified to as an AuthZ vulnerability or weakness.

Affected Versions

Drupal Date iCal:

Version 0.0.0 and below 4.0.15 is affected.

Drupal Date iCal 0.0.04.0.15 Missing Auth for Forceful BrowsingCVE-2026-8495 Published on May 19, 2026

Weakness Type

What is an AuthZ Vulnerability?

Affected Versions

Drupal Date iCal 0.0.04.0.15 Missing Auth for Forceful Browsing
CVE-2026-8495 Published on May 19, 2026