drupal

(4 articles)

May 26, 2026

CISA Orders Patch for Exploited Drupal SQL Injection

CISA added CVE-2026-9082, an actively exploited Drupal SQL injection flaw, to its KEV catalog. Federal agencies must patch by May 27. Here's what developers need to know.

May 23, 2026

Drupal Core SQL Injection Bug Hits CISA KEV

A Drupal core SQL injection vulnerability is actively exploited and added to CISA's KEV catalog. Here's what developers need to patch right now.

May 22, 2026

Drupal CVE-2026-9082: Critical SQL Injection Now Exploited

Hackers are actively exploiting Drupal's critical SQL injection flaw CVE-2026-9082. Learn which versions are affected and how to patch immediately.

May 21, 2026

Critical Drupal Core Flaw: PostgreSQL RCE Risk

A highly critical Drupal core vulnerability exposes PostgreSQL-backed sites to remote code execution. Learn what's affected and how to patch now.