securityaffairs.com 5/23/2026, 5:30:56 PM · external

Critical Drupal SQLi flaw exposes thousands of PostgreSQL sites

Drupal SQL Injection Bug Exploited Live, Extortion Tactics Surge

The Security Affairs newsletter Round 578, authored by Pierluigi Paganini, highlights significant cybersecurity incidents and threats. Key points include a critical SQL injection flaw in Drupal (CVE-2026-9082) currently under attack, the rise of pure extortion in cybercrime over traditional ransomware, and arrests related to the Kimwolf botnet. The…

First seen 2026-05-21T11:01:15.622Z · Last seen 2026-05-24T12:32:28.252Z

CyberSIXT Evidence Panel
Primary Source: drupal.org
CISA KEV: Listed in KEV
Patch: Patch Status Unknown

Drupal has issued a critical security patch for a SQL injection vulnerability (CVE-2026-9082) that allows unauthorized attackers to compromise PostgreSQL-based sites. Exploit attempts were observed within 48 hours of the release, targeting nearly 6,000 sites across 65 countries, primarily in the gaming and financial sectors. Although only about 5% of Drupal installations use PostgreSQL, that still leaves thousands of sites at risk.

The vulnerability can lead to serious issues including data disclosure and remote code execution. Administrators of affected sites are urged to apply the patch immediately.

Article by CyberSIXT
