SA-CONTRIB-2026-017: Drupal Canvas SSRF + Info Disclosure β The Hidden Submodule Problem
SA-CONTRIB-2026-017 is a moderately critical Drupal Canvas advisory, but the real risk hinges on one question: is the hidden canvas_ai submodule enabled? If you do not know the answer, that is the problem.
π¨ SSRF + Information Disclosure
CVE-2026-3...
victorstackai.hashnode.dev4 min read