SECURITYBLEEPING COMPUTER
Drupal: Critical SQL injection flaw now targeted in attacks
Drupal has issued a critical warning about a severe SQL injection vulnerability that is now being actively exploited by hackers. The flaw was announced earlier this week and poses significant security risks to systems running the platform.
Related Signal
Adjacent reporting
- CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
- Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report
- 'TrustFall' Exposes Claude Code Execution Risk
- April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
- Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
- LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure