URL has been copied successfully!
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV


Tags: , , , , , , , , ,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerability in question is CVE-2026-9082 (CVSS score: 6.5), an SQL injection vulnerability affecting all supported versions of Drupal Core.”Drupal Core

First seen on thehackernews.com

Jump to article: thehackernews.com/2026/05/drupal-core-sql-injection-bug-actively.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild
  2. CISA Warns Fortinet SQL Injection Flaw Is Being Actively Exploited
  3. U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog
  4. CISA Warns of Craft CMS Code Injection Flaw Exploited in Active Attacks