drupal
Drupal Core CVE-2026-9082: PostgreSQL SQL Injection → RCE (Anonymous Exploitation)
The Vulnerability: What's Broken Drupal has a database abstraction API that sits between your application code and the database. Its job is to validate queries and prevent SQL injection. Someone found a flaw in that validation layer that allows crafted requests to bypass the sanitization and inject arbitrary