CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks

CISA has issued an urgent alert regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in real-world attacks. The flaw, classified under CWE-89, affects Drupal’s database abstraction API and could allow attackers to execute malicious SQL queries through specially crafted requests. According to the Cybersecurity and […] The post CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks appeared first on Cyber Security News.