Product
On June 17, 2026, Drupal released critical security advisories (AV26-615) addressing multiple vulnerabilities in Drupal core and several modules including Plotly.js Graphing, Flag attendance field, and Formatter Field, which, if unpatched, could allow remote attackers to compromise affected web servers and sensitive data.