CVE Catalog
CVE-2026-8495
CriticalSummary
A missing authorization vulnerability in Drupal Date iCal allows for forceful browsing.
Risk Assessment
Organizations may be exposed to unauthorized access to data, potentially leading to information leakage.
Recommendation
It is recommended to update the Date iCal component to version 4.0.15 or later to mitigate this vulnerability.
Original NVD description (English source)
Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15.

