It is used for security vulnerabilities which do not need a security advisory. For example, security issues in projects which do not have security advisory coverage, or forward-porting a change already disclosed in a security advisory. See Drupal’s security advisory policy for details. Be careful publicly disclosing security vulnerabilities! Use the “Report a security vulnerability” link in the project page’s sidebar. See how to report a security issue for details.
⚡️ Live updates comments, jobs, and issues, tagged with #Security will update issues and activities on this page.


The last 100 updated issues.


The last 7 days of comments and CI jobs.

Production build 0.62.1