Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
Drupal CVE-2026-9082 exploitation hit 15,000 attempts across 65 countries, forcing urgent patches by May 27, 2026.
More info