Improper input validation in Qos.ch Sarl Logback-core

CVE-2026-13006

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.34 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-202…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.001 (2.3th percentile) — read the EPSS interpretation.