CVE-2026-9082

Drupal core - Highly critical - SQL injection - SA-CORE-2026-004

CVSS 9.8 (Critical) · EPSS 84.6% · KEV · CWE-89
In short

Drupal core has a critical SQL injection flaw that lets an unauthenticated attacker inject crafted input into database queries, bypassing the application's access controls and manipulating the database directly. This allows them to read, modify, or delete sensitive data on affected websites.

Technical detail

SQL injection vulnerability in Drupal core caused by improper neutralization of special elements in SQL commands (CWE-89). Affects multiple version ranges (8.9.0–10.4.9, 10.5.0–10.5.9, 10.6.0–10.6.8, 11.0.0–11.1.9, 11.2.0–11.2.11, 11.3.0–11.3.9). Successful exploitation enables database manipulation and data exfiltration, and potentially code execution depending on the database user's permissions.

Summary generated and translated by AI from the official description.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Drupal · Drupal core