Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

SecurityWeek·21. Mai 2026, 10:58

CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code execution. The post Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking appeared first on SecurityWeek.

Themen

VulnerabilitiesDrupalvulnerability

Vollständigen Artikel lesen bei SecurityWeek

8 Quellen berichten

Primärquellen

CISA Adds One Known Exploited Vulnerability to Catalog
CISA Current Activity · vor 4 Tagen

Weitere Quellen

Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation
SecurityWeek · vor 7 Tagen
Drupal critical update to fix bug with high exploitation risk
BleepingComputer · vor 6 Tagen
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
The Hacker News · vor 6 Tagen
Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
SecurityWeek · vor 4 Tagen
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
The Hacker News · vor 4 Tagen
+ 1 weitere…

Erwähnte CVEs (1)

CVE-2026-9082MEDIUM(6.5)

KEVEPSS 17%

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.

Details NVD

Verwandte Artikel