THE article discusses a recently discovered SQL injection vulnerability in Drupal Core, which is currently being exploited in the wild. This vulnerability has been added to the U.S. Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities (KEV) catalog, highlighting its significance and urgency for action among web administrators. It emphasizes the importance of promptly updating systems to mitigate risks associated with such security issues.
Drupal Core SQL injection flaw exploited, added to US KEV catalog
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
Poisoned Code: Stealthy Malicious Go Module Backdoor Discovered in Long-Running Typosquat
securityonline.info
-
Drupal SQL Injection Bug Exploited Live, Extortion Tactics Surge
securityaffairs.com
-
CISA adds Drupal SQL flaw CVE-2026-9082 to KEV catalogue
-
Critical Drupal SQLi flaw exposes thousands of PostgreSQL sites
-
Drupal Core SQL injection flaw exploited, added to US KEV catalog
thehackernews.com
-
CISA Flags Drupal SQL Injection Flaw CVE-2026-9082 in KEV Catalog
cisa.gov
-
Drupal Critical SQL Flaw CVE-2026-9082 Prompts Urgent Patch
securityweek.com
-
Drupal patches PostgreSQL SQL injection flaw CVE-2026-9082