CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack

Drupal sites running PostgreSQL databases are vulnerable to a highly critical SQL injection flaw (CVE-2026-9082) allowing unauthenticated attackers to compromise sites. Exploits began within 48 hours of patch release. Patching is the recommended mitigation.

1. CVE-2026-9082 is a SQL injection vulnerability in Drupal sites using PostgreSQL databases.
2. The vulnerability affects Drupal sites running PostgreSQL databases, with exploits beginning within 48 hours of patch release.
3. Attackers can exploit the vulnerability to compromise sites, with patching being the recommended mitigation.
4. Detection opportunities include monitoring for suspicious database queries or unusual site behavior.

T1068: Exploit Public-Facing Application

Apply the Drupal security patch for CVE-2026-9082 to mitigate the vulnerability.