Vulnerability in Drupal Internationalization (I18n) - I18n_node Submodule

CVE-2026-0748

In the Drupal 7 Internationalization (i18n) module, the i18n_node submodule allows a user with both "Translate content" and "Administer content translations" permissions to view and attach unpublished nodes via the translation UI and its a…

EPSS: 0.000 (10.8th percentile) — read the EPSS interpretation.

Affected products

Drupal Internationalization (I18n) - I18n_node Submodule — versions 7.x-1.0

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

www.herodevs.com/vulnerability-directory/cve-2026-0748 (third-party-advisory)
d7es.tag1.com/node/86 (third-party-advisory)