CISA has ordered U.S. federal agencies to patch a critically exploited Drupal SQL injection flaw, CVE-2026-9082, after attacks were detected in the wild. Imperva reports more than 15,000 attack attempts against nearly 6,000 sites, with Drupal installations in North America and Europe remaining widely unpatched.
Key points
- CISA added CVE-2026-9082 to its Known Exploited Vulnerabilities Catalog.
- Federal agencies must patch Drupal systems by Wednesday evening.
- The flaw is an unauthenticated SQL injection in Drupal's database abstraction API.
- Exploitation could lead to information disclosure, privilege escalation, or remote code execution.
- Imperva and Shadowserver reported widespread attack activity and many exposed unpatched sites.