| Vendor | Products | CVEs | KEV | Avg EPSS | Worst Severity |
|---|
| 1 | 2 | 0 | 12.7% | MEDIUM |
| CVE ID | Description | Severity | CVSS | KEV | EPSS | Published | |
|---|
| CVE-2026-3526 | Incorrect Authorization vulnerability in Drupal File Access Fix (deprecated) allows Forceful Browsing.This issue affects File Access Fix (deprecated): from 0.0.0 before 1.2.0. | MEDIUM | 5.3 | — | 16.9% | Mar 26, 2026 | |
| CVE-2026-3525 | Incorrect Authorization vulnerability in Drupal File Access Fix (deprecated) allows Forceful Browsing.This issue affects File Access Fix (deprecated): from 0.0.0 before 1.2.0. | MEDIUM | 5.3 | — | 8.5% | Mar 26, 2026 | |