CYBERSIXT Signal Over Noise
www.securityweek.com 5/22/2026, 5:32:12 PM · external

Drupal Critical SQL Flaw CVE-2026-9082 Prompts Urgent Patch

Drupal Critical SQL Flaw CVE-2026-9082 Prompts Urgent Patch
Incident Open incident page

Drupal SQL Injection Bug Exploited Live, Extortion Tactics Surge

The Security Affairs newsletter Round 578, authored by Pierluigi Paganini, highlights significant Cybersecurity incidents and threats. Key points include a critical SQL injection flaw in Drupal (CVE-2026-9082) currently under attack, the rise of pure extortion in cybercrime over traditional ransomware, and arrests related to the Kimwolf botnet. The…

First seen 2026-05-21T11:01:15.622Z · Last seen 2026-05-24T12:32:28.252Z

CVE-2026-9082
CyberSIXT Evidence Panel
Primary Source drupal.org
CVE Intel
CVE-2026-9082 - NVD Not in KEV 9.1 CRITICAL Patch Unknown
CISA KEV Not in KEV
Patch Patch Status Unknown

DRUPAL has issued a warning regarding CVE-2026-9082, a critical vulnerability that impacts its API for database query sanitization, potentially allowing SQL injection attacks. This flaw can be exploited by unauthenticated attackers, leading to information exposure, privilege escalation, or remote code execution. Approximately 5% of Drupal sites using PostgreSQL might be affected, prompting a quick patch release on May 20.

An uptick in exploitation attempts has been observed, with over 15,000 targeting nearly 6,000 sites globally, predominantly in gaming and financial sectors. Despite the rarity of highly critical vulnerabilities in Drupal in recent years, the risk level for CVE-2026-9082 has now increased, indicating urgent action needed from affected site administrators.

View Primary Source Via www.securityweek.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline