[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxnmmZcFC-6zx1psnJgwf8i_7wjIWF2pi18yhUQuCmqI":3},{"product":4,"cycleMajor":14,"releases":15,"cves":32,"nextMajor":59},{"id":5,"slug":6,"name":7,"category":8,"vendor":9,"description":10,"logo_url":11,"official_url":9,"synced_at":12,"created_at":13},"ddf3061a-61e1-44bf-ab2b-f6f4e4193af2","drupal","Drupal","cms",null,"Drupal is a free and open-source web content management system (CMS) written in PHP and distributed under the GNU General Public License. Drupal provides an open-source back-end framework for at least 14% of the top 10,000 websites worldwide and 1.","https:\u002F\u002Fcdn.simpleicons.org\u002Fdrupal","2026-06-09T20:02:18.511+00:00","2026-05-30T16:23:55.845073+00:00","8",[16,26],{"id":17,"product_id":5,"cycle":18,"release_date":19,"eol":20,"eol_boolean":9,"latest":21,"latest_release_date":22,"lts":23,"support":24,"created_at":25},"02624299-1121-4c93-ab15-4b2095c3bffa","8.9","2020-06-03","2021-11-02","8.9.20","2021-11-17",false,"2020-12-01","2026-05-30T16:26:04.401151+00:00",{"id":27,"product_id":5,"cycle":28,"release_date":29,"eol":24,"eol_boolean":9,"latest":30,"latest_release_date":31,"lts":23,"support":19,"created_at":25},"88881c0c-1c4e-4cc9-b92e-917ad7dcdbe5","8.8","2019-12-04","8.8.12","2020-11-25",[33,42,50,51,58],{"cveId":34,"releaseId":17,"cycle":18,"description":35,"severity":36,"cvssScore":37,"epssScore":38,"inKev":39,"publishedAt":40,"url":41},"CVE-2026-9082","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection.\n\nThis issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.","CRITICAL",9.8,0.10403,true,"2026-05-20T20:16:41.23+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-9082",{"cveId":43,"releaseId":17,"cycle":18,"description":44,"severity":45,"cvssScore":46,"epssScore":47,"inKev":23,"publishedAt":48,"url":49},"CVE-2026-6366","Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.\n\nThis issue affects Drupal core: from 8.0.0 before 10.5.9, from 10.6.0 before 10.6.7, from 11.0.0 before 11.2.11, from 11.3.0 before 11.3.7.","MEDIUM",6.6,0.00082,"2026-05-19T23:16:58.233+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-6366",{"cveId":43,"releaseId":27,"cycle":28,"description":44,"severity":45,"cvssScore":46,"epssScore":47,"inKev":23,"publishedAt":48,"url":49},{"cveId":52,"releaseId":17,"cycle":18,"description":53,"severity":45,"cvssScore":54,"epssScore":55,"inKev":23,"publishedAt":56,"url":57},"CVE-2026-6365","Improper Neutralization of Input During Web Page Generation (\"Cross-site Scripting\") vulnerability in Drupal Drupal core allows Cross-Site Scripting (XSS).\n\nThis issue affects Drupal core: from 8.0.0 before 10.5.9, from 10.6.0 before 10.6.7, from 11.0.0 before 11.2.11, from 11.3.0 before 11.3.7.",6.1,0.00052,"2026-05-19T23:16:58.103+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-6365",{"cveId":52,"releaseId":27,"cycle":28,"description":53,"severity":45,"cvssScore":54,"epssScore":55,"inKev":23,"publishedAt":56,"url":57},"9"]