Ref# ADV2026_74 | Date: Feb 12th 2026

---

Drupal published a security advisory highlighting vulnerabilities in the following products on February 11, 2026. It is recommended that you take the necessary precautions by ensuring your products are always updated.

• QuickEdit – versions prior to 1.0.5 and versions 2.0.0 to versions prior to 2.0.1
• UI Icons – versions prior to 1.0.1 and version 1.1.0 to versions prior to 1.1.1

For more information on these updates, you can follow these URLs:

• Quick Edit – Moderately critical – Cross-site Scripting – SA-CONTRIB-2026-009
• UI Icons – Moderately critical – Cross-site Scripting – SA-CONTRIB-2026-010
• Drupal Security Advisories

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary.

PDF Download: Drupal Security Advisory

References

• Drupal Security Advisory (February 11th, 2026). Retrieved from Drupal. https://www.drupal.org/security
• Drupal Security Advisory. (February 11th, 2026). Retrieved from Canadian Centre for Cyber Security. https://cyber.gc.ca/en/alerts-advisories/drupal-security-advisory-av26-121