Ref# ADV2025_441 | Date: Dec 22nd 2025

---

Drupal published a security advisory highlighting vulnerabilities in the following product on December 17, 2025. It is recommended that you take the necessary precautions by ensuring your product is always updated. 

• HTTP Client Manager – version 9.3.13 

• HTTP Client Manager – versions 10.0.x prior to 10.0.2 

• HTTP Client Manager – version 11.0.x prior to 11.0.1 

For more information on these updates, you can follow these URLs: 

• HTTP Client Manager – Less critical – Information disclosure – SA-CONTRIB-2025-126 

• Drupal Security Advisories 

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary. 

References 

• Drupal Security Advisory (December 17th, 2025). Retrieved from Drupal. https://www.drupal.org/sa-contrib-2025-126 

• Drupal Security Advisory. (December 17th, 2025). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/drupal-security-advisory-av25-847