SB2026062517 - Remote code execution in Tealium iQ Tag Management module for Drupal
Published: June 25, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Input validation error (CVE-ID: CVE-2026-13244)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote user to compromise the target system.
The vulnerability exists due to unspecified error. A remote administrator can pass specially crafted input to the application and execute arbitrary code on the system.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.