CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks
Source: Cybersecuritynews
Published:
<p>CISA has issued an urgent alert regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in real-world attacks. The flaw, classified under CWE-89, affects Drupal’s database abstraction API and could allow attackers to execute