Drupal News Articles
Recent news articles refferecing the vendors vulnerabilities.
CISA orders feds to patch actively exploited Drupal vulnerability
CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited.
1 week ago
It Security NewsCVE-2026-9082CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks - IT Security News
CISA has issued an urgent alert regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in real-world attacks. The flaw, classified under CWE-89, affects Drupal’s database abstraction API and could allow…Read more →
2 weeks ago
It Security NewsCVE-2026-9082IT Security News Weekly Summary 21 - IT Security News
210 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-05-24 17:34 : Real-Time Webhook Notifications: No More Lost Security Alerts 17:4 : Wireshark 4.6.6 Released, (Sun, May 24th) 16:34 : AI eyes scanning for…Read more →
2 weeks ago
SwapupdateCVE-2026-9082Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
Ravie LakshmananMay 21, 2026Web Security / Vulnerability
2 weeks ago
It Security NewsCVE-2026-9082U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog - IT Security News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8),…Read m...
2 weeks ago
It Security NewsCVE-2026-9082IT Security News Daily Summary 2026-05-23 - IT Security News
45 posts were published in the last hour 20:32 : These special phone and app features can help protect you from spyware 17:31 : CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack 17:2 : Packagist Supply…Read more →
2 weeks ago
The Hacker NewsCVE-2026-9082Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
Drupal CVE-2026-9082 exploitation hit 15,000 attempts across 65 countries, forcing urgent patches by May 27, 2026.
2 weeks ago
WebpronewsCVE-2026-9082Drupal's PostgreSQL SQL Injection Exposes Thousands of Sites to Immediate Takeover
Drupal patched CVE-2026-9082, a highly critical SQL injection flaw in its database abstraction API. The unauthenticated bug affects only PostgreSQL sites and enables information disclosure, privilege escalation and remote code execution. Administrators must update immediately to supported versions.
2 weeks ago
Drupal: Critical SQL injection flaw now targeted in attacks
Drupal is warning that hackers are attempting to exploit a
2 weeks ago
Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
Drupal warns users that it has seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands of websites.
2 weeks ago
Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking
Drupal has patched CVE-2026-9082, a highly critical vulnerability that could allow threat actors to hack websites.
2 weeks ago
It Security NewsCVE-2026-9082Imperva Customers Protected Against CVE-2026-9082 in Drupal Core - IT Security News
TL;DR: CVE-2026-9082 is a highly critical SQL injection vulnerability in Drupal core that can be exploited by unauthenticated users against Drupal sites using PostgreSQL. The vulnerability affects Drupal’s database abstraction API and can allow specially crafted requests to trigger arbitrary…Read mo...
2 weeks ago