CSO Online

Drupal admins rushing to patch maximum severity SQL injection vulnerability

In its warning, Drupal said a vulnerability in this API allows an attacker to send specially crafted requests resulting in ...
Security Boulevard

CVE-2026-9082: Critical Drupal SQL Injection Vulnerability Affects PostgreSQL Deployments

A highly critical SQL injection vulnerability in Drupal core has raised concerns across organizations running PostgreSQL-backed Drupal environments. Tracked as CVE-2026-9082, the vulnerability affects ...
Arabian Post

Drupal flaw draws urgent patch race

US cyber authorities have added a critical Drupal Core SQL injection flaw to their exploited-vulnerabilities list after attacks began targeting unpatched websites using PostgreSQL databases, ...
The Hacker News

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

Drupal CVE-2026-9082 exploitation hit 15,000 attempts across 65 countries, forcing urgent patches by May 27, 2026.
The Hacker News

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Drupal released security updates for a highly critical Drupal Core vulnerability affecting sites that use PostgreSQL.
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...
IEEE

Feature Fusion-Based Detection of SQL Injection and XSS Attacks

Abstract: With the rapid development of the internet, network security issues are becoming increasingly severe. SQL injection attacks and XSS attacks are two common network attack methods that pose ...