TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

By rooter

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

The vulnerability in question is CVE-2026-9082 (CVSS score: 6.5), an SQL injection vulnerability affecting all supported versions of Drupal Core.

“Drupal Core

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

rooter
Cyber Security

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

rooter
Cyber Security

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

rooter

Leave a Reply

You Missed

Cyber Security

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

News

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

Cyber Security

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

News

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV