Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

A critical SQL injection vulnerability (CVE-2026-9082) in Drupal Core is being actively exploited, affecting all supported versions. This vulnerability allows attackers to inject malicious SQL code, potentially leading to unauthorized data access or modification.

1. CVE-2026-9082 is a critical SQL injection vulnerability in Drupal Core.
2. All supported versions of Drupal Core are affected, including versions 9.x and 10.x.
3. Attackers can exploit this vulnerability to inject malicious SQL code, potentially leading to unauthorized data access or modification.
4. Detection opportunities include monitoring for suspicious database queries or unusual system activity.

T1068: Exploit Public-Facing Application

Drupal Core versions 9.x and 10.x, suspicious database queries, unusual system activity

Apply the latest patch for Drupal Core (version 9.x or 10.x) to mitigate this vulnerability.