Serial number: AV25-806
Date: December 4, 2025
On December 3, 2025, Drupal published security advisories to address vulnerabilities in the following product:
- Mini site – versions prior to 3.0.2
- CKEditor 5 Premium Features – multiple versions
- AI (Artificial Intelligence) – multiple versions
- Login Time Restriction – versions prior to 1.0.3
- Tagify – versions prior to 1.2.44
- Next.js – versions prior to 1.6.4, version 2.0.0 to version prior to 2.0.1
- Entity Share – versions prior to 3.x-3.13, versions prior to 3.13.0
- Disable Login Page – versions prior to 1.1.3
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates or perform the suggested mitigations.