> TritonInfoSec News
Home / May 22, 2026 / Story
0
#5 The Hacker News general May 21, 2026 at 03:44 UTC

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

By [email protected] (The Hacker News)

AI Summary

Drupal patched CVE-2026-9082 (CVSS 6.5), a highly critical flaw in Drupal Core's database abstraction API affecting PostgreSQL-backed installations that can be exploited without authentication for remote code execution, privilege escalation, or information disclosure. Drupal warned that exploits could emerge within hours of disclosure. Site administrators running Drupal on PostgreSQL should apply the security update immediately.

Read full article → https://thehackernews.com/2026/05/highly-critical-…

Relevance score: 80.0/100

# More from May 22

  1. 1
    GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension The Hacker News
  2. 2
    Microsoft Warns of Two Actively Exploited Defender Vulnerabilities The Hacker News
  3. 3
    9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros The Hacker News
  4. 4
    Max severity Cisco Secure Workload flaw gives Site Admin privileges BleepingComputer
  5. 6
    Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada Krebs on Security
  6. 7
    Hackers bypass SonicWall VPN MFA due to incomplete patching BleepingComputer
  7. 8
    Chinese hackers target telcos with new Linux, Windows malware BleepingComputer
  8. 9
    European authorities take down prolific cybercrime VPN service CyberScoop
  9. 10
    7-Eleven confirms breach after ShinyHunters claims The Record