Skip to main content

Tag: drupal

4 articles

Rows of computer servers and networking equipment in a server room or network operations center.

Drupal Sites Targeted in SQL Injection Attacks

Drupal sites are under attack as SQL injection exploits are now being detected in the wild, taking advantage of a vulnerability that can be triggered without authentication. This critical flaw, CVE-2026-9082, allows attackers to execute arbitrary SQL and potentially run remote code, putting sites that use PostgreSQL at risk.

Analyst 207
Rows of computer servers and storage devices in a brightly-lit server room with a single terminal in the foreground.

Drupal Flaw Exposes PostgreSQL Sites to Remote Code Execution Attacks

A vulnerability in Drupal Core's database abstraction API leaves PostgreSQL sites open to devastating SQL injection attacks, allowing hackers to send malicious requests and wreak havoc. This highly critical flaw, tracked as CVE-2026-9082, has been patched with urgent security updates.

Analyst 207
Developer urgently working on laptop with clock nearby, surrounded by notes.

Drupal Warns of Highly Critical Vulnerability Requiring Immediate Patch

Drupal is warning of a highly critical vulnerability that requires immediate attention, urging site operators to clear their calendars for a crucial patch rollout on Wednesday, May 20, between 1700 and 2100 UTC. Exploits could be developed within hours or days, making swift action essential to protect your site.

Analyst 207
Laptop screen displays warning message amidst office workspace.

Drupal Users Face Urgent Patch Deadline

Drupal users, take note: a highly critical core patch is coming and it's essential to act fast to secure your site. Get ready to install the update ASAP to avoid potential risks.

Analyst 207