What does upgrading Drupal 11.0.13 to 11.1.10 fix?

Upgrading Drupal from 11.0.13 to 11.1.10 clears 5 known vulnerabilities (1 critical), including 1 under active exploitation (CISA KEV). 2 known issues remain in 11.1.10.

← Drupal

Drupal: 11.0.13 → 11.1.10

Drupal · upgrade impact · Official site ↗

From11.0.137 known issues To11.1.102 known issues

Fixed by upgrading to 11.1.10 iVulnerabilities that affect 11.0.13 but no longer affect 11.1.10 — the security gain from this upgrade, by exploited status then exploitation probability.

Exploited first, then by exploitation probability (EPSS).

CVE-2026-9082 CRITICAL ● exploited EPSS 10% ✓ cleared in 11.1.10 CVE-2025-13081 MEDIUM EPSS 0% ✓ cleared in 11.1.10 CVE-2025-13080 MEDIUM EPSS 0% ✓ cleared in 11.1.10 CVE-2025-13082 MEDIUM EPSS 0% ✓ cleared in 11.1.10 CVE-2025-13083 LOW EPSS 0% ✓ cleared in 11.1.10

Still open in 11.1.10 iKnown vulnerabilities that affect 11.1.10 too — upgrading to it does not clear these.

These affect 11.1.10 as well — a later release may be needed.

CVE-2026-6366 MEDIUM EPSS 0% → fixed in 11.3.7 CVE-2026-6365 MEDIUM EPSS 0% → fixed in 11.3.7