A highly critical vulnerability in Drupal 8 core and several Drupal 7 contributed modules discovered: CVE-2019-6340
The Drupal security team has announced the discovery of a highly critical remote code execution vulnerability and the release of the latest version of Drupal 8 to patch the critical vulnerability which could allow remote attackers to hack Drupal sites.