Skip to content
The Nexus
DossierENTITY

Drupal Core

Coverage of Drupal Core in the Nexus archive.

Earliest in view: May 21 · 03:44 UTCMost recent: May 23 · 07:23 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 23 · 07:23 UTCTHE HACKER NEWS
    Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

    CISA has added a critical SQL injection vulnerability (CVE-2026-9082) in Drupal Core to its KEV catalog due to active exploitation. The flaw affects all supported versions of Drupal Core and carries a CVSS score of 6.5.

  • SECURITYMay 21 · 03:44 UTCTHE HACKER NEWS
    Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

    Drupal has released security updates for a highly critical vulnerability (CVE-2026-9082) in Drupal Core that could allow attackers to achieve remote code execution, privilege escalation, or information disclosure on PostgreSQL sites. The vulnerability has a CVSS score of 6.5 and resides in the database abstraction API.

Drupal Core · Dossier · The Nexus