Signal

Multiple important vulnerabilities disclosed in Drupal, Mattermost, MISP modules, and Microsoft SharePoint

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-07-14 02:00 UTCUpdated 2026-07-14 13:00 UTC
rss
cvevulnerabilitiessecurity_advisoriesincident_response
Trend in the last 24h
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
No card needed for the free brief.
Evidence trail (top sources)
top sources (4 domains)domains are deduped. counts indicate coverage, not truth.
4 top sources shown
Multiple important vulnerabilities in Drupal core
NCSC-FI - Vulnerabilities · News · drupal.org · 2026-07-14 02:00 UTC
Multiple important vulnerabilities in Mattermost
NCSC-FI - Vulnerabilities · News · mattermost.com · 2026-07-14 02:00 UTC
Severe vulnerability in misp-modules
NCSC-FI - Vulnerabilities · Advisory · nvd.nist.gov · 2026-07-14 02:00 UTC
Overview

Several significant security vulnerabilities have been disclosed across popular software platforms including Drupal core, Mattermost, misp-modules, and Microsoft SharePoint. Drupal core faces multiple issues such as cache poisoning, PHP object injection, and server-side request forgery.

Score total
1.31
Momentum 24h
4
Posts
4
Origins
4
Source types
1
Duplicate ratio
0%
Why now
  • The vulnerabilities were recently disclosed and official fixes have been released or are forthcoming.
  • Rapid7's research highlights active efforts to identify and remediate zero-day issues.
  • Coordinated disclosures emphasize the importance of continuous security vigilance.
Why it matters
  • These vulnerabilities affect widely used software critical to web infrastructure and collaboration.
  • Exploitation could lead to unauthorized access, denial of service, or remote code execution.
  • Timely patching is essential to prevent potential attacks leveraging these flaws.
LLM analysis
Topic mix: lowPromo risk: lowSource quality: high
Recurring claims
  • Drupal core has multiple important vulnerabilities including cache poisoning, PHP object injection, and server-side request forgery.
  • Mattermost suffers from vulnerabilities allowing unauthorized actions, denial of service, and OAuth token misuse.
  • MISP modules have a severe server-side request forgery protection bypass vulnerability.
  • Microsoft SharePoint JWT token validation flaw enables authentication bypass, with remote code execution patch forthcoming.
How sources frame it
  • Rapid7 Labs: neutral
All evidence
All evidence
Multiple important vulnerabilities in Drupal core
NCSC-FI - Vulnerabilities · drupal.org · 2026-07-14 02:00 UTC
Multiple important vulnerabilities in Mattermost
NCSC-FI - Vulnerabilities · mattermost.com · 2026-07-14 02:00 UTC
Severe vulnerability in misp-modules
NCSC-FI - Vulnerabilities · nvd.nist.gov · 2026-07-14 02:00 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 2Origin domains: 4Duplicates: -
Showing 4 / 0
Top publishers (this list)
  • NCSC-FI - Vulnerabilities (3)
  • Rapid7 Blog (1)
Top origin domains (this list)
  • rapid7.com (1)
  • drupal.org (1)
  • mattermost.com (1)
  • nvd.nist.gov (1)