CVE-2026-9082 - Geek Feed

CISA orders feds to patch actively exploited Drupal vulnerability

May 26, 2026May 26, 2026 geekfeed0Tagged Actively Exploited, CISA, CVE-2026-9082, Drupal, PostgreSQL, Shadowserver, SQL Injection

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. Drupal is typically used by large organizations managing massive data structures and multi-site installations, including government entities, educational organizations, major research universities, and high-profile […]

2 mins read

Drupal: Critical SQL injection flaw now targeted in attacks

May 24, 2026May 24, 2026 geekfeed0Tagged Actively Exploited, CVE-2026-9082, Drupal, Drupal SQL injection, PostgreSQL, SQL Injection, vulnerability

Drupal is warning that hackers are attempting to exploit a “highly critical” SQL injection vulnerability announced earlier this week. The content management system (CMS) project published a PSA on May 18, urging administrators to reserve time for core updates that addressed an issue that threat actors might start exploiting “within hours or days.” The flaw is now […]

2 mins read