PostgreSQL - Geek Feed

CISA orders feds to patch actively exploited Drupal vulnerability

May 26, 2026May 26, 2026 geekfeed0Tagged Actively Exploited, CISA, CVE-2026-9082, Drupal, PostgreSQL, Shadowserver, SQL Injection

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. Drupal is typically used by large organizations managing massive data structures and multi-site installations, including government entities, educational organizations, major research universities, and high-profile […]

2 mins read

Drupal: Critical SQL injection flaw now targeted in attacks

May 24, 2026May 24, 2026 geekfeed0Tagged Actively Exploited, CVE-2026-9082, Drupal, Drupal SQL injection, PostgreSQL, SQL Injection, vulnerability

Drupal is warning that hackers are attempting to exploit a “highly critical” SQL injection vulnerability announced earlier this week. The content management system (CMS) project published a PSA on May 18, urging administrators to reserve time for core updates that addressed an issue that threat actors might start exploiting “within hours or days.” The flaw is now […]

2 mins read

PostgreSQL flaw exploited as zero-day in BeyondTrust breach

February 17, 2025February 17, 2025 geekfeed0Tagged BeyondTrust, Breach, CVE-2024-12356, CVE-2024-12686, PostgreSQL, Rapid7, SQL Injection, Zero-Day

Rapid7’s vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. BeyondTrust revealed that attackers breached its systems and 17 Remote Support SaaS instances in early December using two zero-day bugs (CVE-2024-12356 and CVE-2024-12686) and a stolen API key. Less than one […]

3 mins read