{"uuid": "2c8e9b74-1fd2-48e8-98f2-73faf81777fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9082", "type": "seen", "source": "https://thehackernews.com/2026/05/drupal-core-sql-injection-bug-actively.html", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.\n\nThe vulnerability in question is CVE-2026-9082 (CVSS score: 6.5), an SQL injection vulnerability affecting all supported versions of Drupal Core.\n\n\"Drupal Core", "creation_timestamp": "2026-05-23T05:23:48.000000Z"}