THREATNOIR
Subscribe
Back to Feed
VulnerabilitiesMay 22, 2026

RT @CISACyber: 🛡️ We added Drupal core SQL injection vulnerability CVE-2026-9082 to our KEV Cata...

CISA adds Drupal core SQL injection vulnerability CVE-2026-9082 to KEV catalog

Read at source

Summary

CISA has added CVE-2026-9082, a SQL injection vulnerability in Drupal core, to its Known Exploited Vulnerabilities (KEV) catalog. The addition indicates this vulnerability is being actively exploited in the wild and organizations should prioritize patching. Administrators running Drupal should apply available security updates immediately.

Indicators of Compromise

  • cve — CVE-2026-9082

Entities

Drupal (product)Drupal (vendor)SQL injection (technology)