> TritonInfoSec News
Home / May 23, 2026 / Story
0
#4 BleepingComputer general May 22, 2026 at 13:14 UTC

Drupal: Critical SQL injection flaw now targeted in attacks

By Bill Toulas

AI Summary

Drupal issued an urgent warning that attackers are actively exploiting CVE-2026-9082, a 'highly critical' SQL injection vulnerability disclosed earlier in the week, with security firms reporting attacks against thousands of websites. The flaw can be exploited without authentication to achieve information disclosure, privilege escalation, and remote code execution on affected Drupal installations.

Read full article → https://www.bleepingcomputer.com/news/security/dru…

Relevance score: 86.0/100

# More from May 23

  1. 1
    Lawmakers Demand Answers as CISA Tries to Contain Data Leak Krebs on Security
  2. 2
    GitHub links repo breach to TanStack npm supply-chain attack BleepingComputer
  3. 3
    Microsoft warns of new Defender zero-days exploited in attacks BleepingComputer
  4. 5
    Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access The Hacker News
  5. 6
    Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks The Hacker News
  6. 7
    Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows The Hacker News
  7. 8
    First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups The Hacker News
  8. 9
    Trend Micro warns of Apex One zero-day exploited in the wild BleepingComputer
  9. 10
    macOS Kernel Memory Corruption Exploit Schneier on Security