Drupal has addressed a highly critical vulnerability (CVE-2026-9082) in its CMS that could allow attackers to target PostgreSQL databases through crafted requests, resulting in SQL injection. The flaw can be exploited without authentication, enabling information retrieval and potential privilege escalation. Patches are available for various Drupal versions, and it is advised to update all dependencies, as other vulnerabilities in Symfony and Twig were also addressed. This is the first highly critical vulnerability in years, in contrast with previous major vulnerabilities like 'Drupalgeddon.'
Drupal patches PostgreSQL SQL injection flaw CVE-2026-9082
Incident
Drupal SQL Injection Bug Exploited Live, Extortion Tactics Surge
The Security Affairs newsletter Round 578, authored by Pierluigi Paganini, highlights significant cybersecurity incidents and threats. Key points include a critical SQL injection flaw in Drupal (CVE-2026-9082) currently under attack, the rise of pure extortion in cybercrime over traditional ransomware, and arrests related to the Kimwolf botnet. The…
First seen 2026-05-21T11:01:15.622Z · Last seen 2026-05-24T12:32:28.252Z
CyberSIXT Evidence Panel
Article by CyberSIXT
Timeline Coverage
- Drupal SQL Injection Bug Exploited Live, Extortion Tactics Surge (cybersixt.com)
- CISA adds Drupal SQL flaw CVE-2026-9082 to KEV catalogue (cybersixt.com)
- Critical Drupal SQLi flaw exposes thousands of PostgreSQL sites (cybersixt.com)
- Drupal Core Critical Flaw CVE-2026-9082 Allows RCE (cybersixt.com)
- Drupal Critical SQL Flaw CVE-2026-9082 Prompts Urgent Patch (cybersixt.com)
- Drupal patches PostgreSQL SQL injection flaw CVE-2026-9082 (www.securityweek.com)