A critical SQL injection vulnerability, identified as CVE-2026-9082, is being actively exploited in all supported versions of Drupal Core, with a CVSS score of 6.5. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this flaw to its Known Exploited Vulnerabilities catalog, indicating a high level of risk. This vulnerability allows attackers to inject malicious SQL code, potentially leading to unauthorized data access and other malicious activities. The fact that it is being actively exploited1 underscores the need for immediate attention from administrators and developers using Drupal Core. Given the potential impact of this vulnerability, it is essential for organizations to patch their systems as soon as possible to prevent exploitation. The active exploitation of CVE-2026-9082 makes it a pressing concern for security teams, who must prioritize patching to protect their systems from potential attacks.
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
⚠️ Critical Alert
Why This Matters
CVE-2026-9082 is in active discussion involving CISA — exploitation status determines whether this is patch-now or monitor.
References
- The Hacker News. (2026, May 23). Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV. The Hacker News. https://thehackernews.com/2026/05/drupal-core-sql-injection-bug-actively.html
Original Source
The Hacker News
Read original →