CVE-2026-3532 - Vulnerability Details - OpenCVE

Improper Handling of Case Sensitivity vulnerability in Drupal OpenID Connect / OAuth client allows Privilege Escalation.This issue affects OpenID Connect / OAuth client: from 0.0.0 before 1.5.0.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00018.

Key SSVC decision points have not yet been added.

Vendors	Products
Drupal	Openid

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Drupal	Openid

References

Link	Providers
https://www.drupal.org/sa-contrib-2026-027

History

Fri, 27 Mar 2026 08:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Drupal Drupal openid
Vendors & Products		Drupal Drupal openid

Thu, 26 Mar 2026 20:30:00 +0000

Type	Values Removed	Values Added
Description		Improper Handling of Case Sensitivity vulnerability in Drupal OpenID Connect / OAuth client allows Privilege Escalation.This issue affects OpenID Connect / OAuth client: from 0.0.0 before 1.5.0.
Title		OpenID Connect / OAuth client - Less critical - Access bypass - SA-CONTRIB-2026-027
Weaknesses		CWE-178
References		https://www.drupal.org/sa-contrib-2026-027

MITRE

Status: PUBLISHED

Assigner: drupal

Published: 2026-03-26T20:04:03.160Z

Updated: 2026-03-27T13:53:59.637Z

Reserved: 2026-03-04T16:42:01.310Z

Link: CVE-2026-3532

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-03-26T21:17:09.420

Modified: 2026-03-26T21:17:09.420

Link: CVE-2026-3532

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-27T09:23:41Z

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3532", "assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "state": "PUBLISHED", "assignerShortName": "drupal", "dateReserved": "2026-03-04T16:42:01.310Z", "datePublished": "2026-03-26T20:04:03.160Z", "dateUpdated": "2026-03-27T13:53:59.637Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "shortName": "drupal", "dateUpdated": "2026-03-26T20:04:03.160Z"}, "title": "OpenID Connect / OAuth client - Less critical - Access bypass - SA-CONTRIB-2026-027", "datePublic": "2026-03-04T18:02:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-178", "description": "CWE-178 Improper Handling of Case Sensitivity", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "affected": [{"vendor": "Drupal", "product": "OpenID Connect / OAuth client", "collectionURL": "https://www.drupal.org/project/openid_connect", "repo": "https://git.drupalcode.org/project/openid_connect", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "1.5.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper Handling of Case Sensitivity vulnerability in Drupal OpenID Connect / OAuth client allows Privilege Escalation.This issue affects OpenID Connect / OAuth client: from 0.0.0 before 1.5.0.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Improper Handling of Case Sensitivity vulnerability in Drupal OpenID Connect / OAuth client allows Privilege Escalation.<p>This issue affects OpenID Connect / OAuth client: from 0.0.0 before 1.5.0.</p>"}]}], "references": [{"url": "https://www.drupal.org/sa-contrib-2026-027"}], "credits": [{"lang": "en", "value": "Eric Smith (ericgsmith)", "type": "finder"}, {"lang": "en", "value": "Philip Frilling (pfrilling)", "type": "remediation developer"}, {"lang": "en", "value": "Greg Knaddison (greggles)", "type": "coordinator"}, {"lang": "en", "value": "Drew Webber (mcdruid)", "type": "coordinator"}, {"lang": "en", "value": "Juraj Nemec (poker10)", "type": "coordinator"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T13:53:56.616725Z", "id": "CVE-2026-3532", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T13:53:59.637Z"}}]}}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.0.0,1.5.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "OpenID Connect / OAuth client", "source": "cna", "vendor": "Drupal"}, "product": "openid", "vendor": "drupal"}], "analysis": {"en": {"generated_at": "2026-03-26T21:36:46.140295+00:00", "value": {"mitigation_remediation": ["Update the OpenID Connect / OAuth client module to version 1.5.0 or newer", "Verify that the system is running the patched version by checking the module version", "Reload or clear caches so that the updated code takes effect", "If an immediate upgrade is impossible, temporarily disable external authentication or restrict OAuth scopes to limit potential abuse"], "summary": {"action": "Apply Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Drupal OpenID Connect / OAuth client is affected. Versions from initial release through 1.4.x are vulnerable; the fix is included in version 1.5.0 and later.", "description_and_impact": "The vulnerability is an improper handling of case sensitivity within Drupal's OpenID Connect / OAuth client, which allows an attacker to bypass normal access controls and elevate privileges. Because authentication state can be manipulated by using different letter cases where the system incorrectly treats them as distinct, an attacker could gain higher-level access without proper authorization. This is a direct example of the weakness described by CWE-178.", "risk_and_exploitability": "Exploit data is limited, EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog, indicating no known widespread exploitation. Nonetheless, the ability to gain elevated privileges poses a significant threat to the confidentiality, integrity, and availability of the system. A likely attack path involves forging authentication requests that rely on case-insensitive comparisons to bypass checks. The lack of a published exploit does not diminish the need for a swift patch, as the vulnerability is straightforward to trigger once the issue is known."}}}}, "created": "2026-03-27T08:32:12.653900+00:00", "updated": "2026-03-27T09:23:41.153173+00:00", "vendors": ["drupal", "drupal$PRODUCT$openid"]}