ONE Sentinel

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

Source: The Hacker News
Date: May 23, 2026

EXECUTIVE SUMMARY

Critical SQL Injection Vulnerability in Drupal Core Actively Exploited

Summary

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical SQL injection vulnerability in Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability, identified as CVE-2026-9082, is being actively exploited.

Key Points

  • The vulnerability is identified as CVE-2026-9082 with a CVSS score of 6.5.
  • It affects all supported versions of Drupal Core.
  • CISA has added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
  • The vulnerability is an SQL injection flaw, which can lead to unauthorized data access.
  • Evidence of active exploitation has been observed, prompting the inclusion in the KEV catalog.

Analysis

The inclusion of CVE-2026-9082 in the CISA KEV catalog underscores the critical nature of this vulnerability. SQL injection vulnerabilities can lead to severe data breaches, allowing attackers to manipulate databases and access sensitive information. The active exploitation of this flaw highlights the urgent need for organizations using Drupal Core to apply patches and mitigate risks.

Conclusion

IT professionals managing Drupal Core installations should prioritize applying the latest security patches to mitigate the risks associated with CVE-2026-9082. Regularly monitoring CISA's KEV catalog also helps teams stay informed about actively exploited vulnerabilities.