A Drupal 8 security update released on Wednesday addresses several access bypass vulnerabilities affecting components such as views, the REST API and the entity access system.
Article Link: http://feedproxy.google.com/~r/Securityweek/~3/3z4UDF4KvMo/access-bypass-vulnerabilities-patched-drupal-8