Skip to content
The Nexus
SECURITYMay 23 · 07:23 UTCTHE HACKER NEWS[email protected] (The Hacker News)

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

CISA has added a critical SQL injection vulnerability (CVE-2026-9082) in Drupal Core to its KEV catalog due to active exploitation. The flaw affects all supported versions of Drupal Core and carries a CVSS score of 6.5.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this
Related Signal

Adjacent reporting