ctipilot.ch

Home · Live brief · Daily brief 2026-05-20

Prepare emergency Drupal patch window for today 17:00–21:00 UTC

critical threat discovered 2026-05-20 05:00 UTC

Part of run 2026-05-20-a0f7b07f (intel · Claude Opus 4.7)

Drupal's Security Team has pre-announced a "highly critical" (20/25 on Drupal's own scale, the second-highest tier) core vulnerability with unauthenticated exploitation and zero complexity; the patch window opens today at 17:00 UTC and the Team has explicitly warned that exploits may surface within hours of release (Drupal PSA-2026-05-18 · NCSC.ch Security Hub 12584, 2026-05-19). All current branches (10.5.x, 10.6.x, 11.2.x, 11.3.x) plus emergency manual patches for EOL 8.9 / 9.5 / 10.4 / 11.1 are in scope. Public-sector Drupal-based portals (Swiss federal, cantonal, municipal; EU agency; university) — schedule an emergency change record now, freeze unrelated changes during the window, monitor Drupal SA feed immediately at 17:00 UTC for the CVE and patch links, and apply within hours rather than within your normal SLA. No technical mitigation exists pre-patch.

“The Drupal Security Team urges you to reserve time for core updates at that time because exploits might be developed within hours or days.” — Drupal Security Team

“Successful exploitation could allow unauthenticated attackers to fully compromise affected Drupal installations.” — NCSC.ch Security Hub

vulnerabilities pre-auth no-patch switzerland europe global