CVE-2025-9954

CVE-2025-9954: Acquia DAM - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-105

Vendor Drupal
Product Acquia DAM
Weakness CWE-862 · Missing authorization
Published October 29, 2025
Last update October 30, 2025

CVSS base score

What the vulnerability does

01Description

Missing Authorization vulnerability in Drupal Acquia DAM allows Forceful Browsing.This issue affects Acquia DAM: from 0.0.0 before 1.1.5.

Key dates

02Disclosure timeline

October 29, 2025 CVE published
October 30, 2025 Record updated