Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure

SecurityWeek·22. Mai 2026, 17:15

Drupal is warning users that it has already seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands of websites. The post Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure appeared first on SecurityWeek.

Themen

VulnerabilitiesDrupalexploitedFeatured

Vollständigen Artikel lesen bei SecurityWeek

8 Quellen berichten

Primärquellen

CISA Adds One Known Exploited Vulnerability to Catalog
CISA Current Activity · vor 4 Tagen

Weitere Quellen

Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation
SecurityWeek · vor 7 Tagen
Drupal critical update to fix bug with high exploitation risk
BleepingComputer · vor 6 Tagen
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
The Hacker News · vor 6 Tagen
Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking
SecurityWeek · vor 5 Tagen
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
The Hacker News · vor 4 Tagen
+ 1 weitere…

Erwähnte CVEs (1)

CVE-2026-9082MEDIUM(6.5)

KEVEPSS 17%

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.

Details NVD

Verwandte Artikel