Product

Drupal Core (8.0.0 - 11.3.9)

1 brief RSS

Drupal Core PostgreSQL SQL Injection Vulnerability (CVE-2026-9082) Exploit Available

A public exploit is available for CVE-2026-9082, a SQL injection vulnerability in Drupal Core affecting PostgreSQL-backed sites running versions 8.0 through 11.3.9, allowing unauthenticated users to potentially achieve data exfiltration, privilege escalation, and remote code execution.

Drupal Core cve sql injection drupal web application

2r 1t 1c 2i 1h ago