Vulnerability Details CVE-2026-0748
In the Drupal 7 Internationalization (i18n) module, the i18n_node submodule allows a user with both "Translate content" and "Administer content translations" permissions to view and attach unpublished nodes via the translation UI and its autocomplete widget. This bypasses intended access controls and discloses unpublished node titles and IDs.
Exploit affects versions 7.x-1.0 up to and including 7.x-1.35.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 9.6%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2026-0748
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.0
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.1
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.10
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.11
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.12
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.13
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.14
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.15
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.16
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.17
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.18
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.19
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.2
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.20
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.22
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.24
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.25
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.26
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.3
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.4
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.5
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.6
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.7
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.8
-
cpe:2.3:a:internationalization_project:internationalization:7.x-1.9