CVE Daily

CVE-2025-7393

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupa...

Critical CVSS 9.8

Overview

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Mail Login allows Brute Force.This issue affects Mail Login: from 3.0.0 before 3.2.0, from 4.0.0 before 4.2.0.

CWE: CWE-307 Published: 2025-07-21T17:15:37.640
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.8 (CRITICAL)
  • Detected tags: drupal (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags