CVE-2026-3530

Severity CVSS v4.0:

Pending analysis

Type:

CWE-918 Server-Side Request Forgery (SSRF)

Publication date:

26/03/2026

Last modified:

26/03/2026

Description

Server-Side Request Forgery (SSRF) vulnerability in Drupal OpenID Connect / OAuth client allows Server Side Request Forgery.This issue affects OpenID Connect / OAuth client: from 0.0.0 before 1.5.0.

Impact

References to Advisories, Solutions, and Tools

https://www.drupal.org/sa-contrib-2026-025