securityaffairs.com 5/24/2026, 8:33:26 AM · external

CISA adds Drupal SQL flaw CVE-2026-9082 to KEV catalogue

Drupal SQL Injection Bug Exploited Live, Extortion Tactics Surge

The Security Affairs newsletter Round 578, authored by Pierluigi Paganini, highlights significant cybersecurity incidents and threats. Key points include a critical SQL injection flaw in Drupal (CVE-2026-9082) currently under attack, the rise of pure extortion in cybercrime over traditional ransomware, and arrests related to the Kimwolf botnet. The…

First seen 2026-05-21T11:01:15.622Z · Last seen 2026-05-24T12:32:28.252Z

CyberSIXT Evidence Panel
Primary Source: cisa.gov
CISA KEV: Listed in KEV
Patch: Patch Status Unknown

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw in Drupal Core, identified as CVE-2026-9082, to its Known Exploited Vulnerabilities catalog. This SQL injection vulnerability, which affects PostgreSQL databases, can be exploited by unauthenticated users to perform attacks such as data disclosure and privilege escalation. Following its discovery, there were over 15,000 exploitation attempts within two days, primarily targeting gaming and financial services.

CISA requires federal agencies to address this vulnerability by May 27, 2026, while experts advise private organizations to review and secure their systems accordingly.


Article by CyberSIXT
