Is CVE-2019-6340 in the CISA Known Exploited Vulnerabilities catalog?

Yes — CVE-2019-6340 is listed in CISA KEV, remediation due 2022-04-15.

CISA Known Exploited Vulnerability

CVE-2019-6340

In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases.

⚠ Actively exploited (CISA KEV) Drupal 2019

CISA catalog entry

Product

Core

Vendor

Drupal

Added to KEV

2022-03-25

Remediation due

2022-04-15

CVE-2019-6340 is tracked in the CISA Known Exploited Vulnerabilities catalog. WebPulse monitors it as part of its framework security intelligence.

Related vulnerabilities

CVE-2026-9082 CVE-2020-13671 CVE-2018-7602 CVE-2018-7600 CVE-2019-9978 CVE-2019-5418