Project: 
Unpublished Node Permissions
Date: 
2026-March-11
Security risk: 
Critical 15 ∕ 25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:All
Vulnerability: 
Access bypass
Affected versions: 
<1.7.0
CVE IDs: 
CVE-2026-4933
Description: 

This module creates permissions per node content type to control access to unpublished nodes per content type.

The module does not consistently control access for unpublished translated nodes.

Solution: 

Install the latest version:

Reported By: 
Fixed By: 
Coordinated By: