Drupal: Critical SQL injection flaw now targeted in attacks
…or days." The flaw is now tracked as CVE-2026-9082 and was discovered by Google/Mandiant researcher Michael Maturi. It affects Drupal’s database abstraction API. It allows specially crafted requests…
