CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack
Attackers began exploiting Drupal SQL injection flaw CVE-2026-9082 within 48 hours of patch release. Drupal issued a highly critical security patch on May 20 for CVE-2026-9082, a SQL injection vulnerability that allows unauthenticated attackers to compromise sites running PostgreSQL databases. The project maintainers warned ahead of the release that exploits could surface within hours or […]
Drupal issued a highly critical security patch on May 20 for CVE-2026-9082, a SQL injection vulnerability that allows unauthenticated attackers to compromise sites running PostgreSQL databases. The project maintainers warned ahead of the release that exploits could surface within hours or days. That prediction was accurate; exploitation attempts started almost immediately, and within 48 hours, security firms were tracking thousands of attacks in the wild.
The vulnerability sits in an API designed to sanitize database queries and prevent SQL injection. A flaw in that API means an attacker can send specially crafted requests and inject arbitrary SQL commands on sites using PostgreSQL. As Drupal put it in its advisory.
Related breach coverage
- U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog2026-05-24
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Drupal issued a highly critical security patch on May […]
- Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation2026-05-19
Drupal says attackers may develop an exploit for the vulnerability within hours or days. The post Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation appeared first on SecurityWeek.
- Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure2026-05-22
Drupal is warning users that it has already seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands of websites. The post Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure appeared first on SecurityWeek.
- Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking2026-05-21
CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code execution. The post Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking appeared first on SecurityWeek.