CISA orders FCEB patching for CVE-2026-9082
Public Sector Action
Summary
CISA added CVE-2026-9082 to the KEV Catalog and ordered FCEB agencies to patch Drupal by May 27, turning an actively exploited flaw into a mandatory federal remediation. The directive targets an unauthenticated SQL injection issue in Drupal that affects PostgreSQL-powered sites. CISA also urged other defenders to prioritize the patching of KEV vulnerabilities and reduce exposure quickly.
Related Happenings
Drupal core security update for CVE-2026-9082
Security Patch Release
First: 22.05.2026 16:14
Last: 22.05.2026 16:14
Sources 1
How related:
The Drupal security team tagged the flaw as "highly critical" before releasing patches and confirming that exploitation attempts had been detected in the wild.
About this happening:
**Drupal** released security updates for **CVE-2026-9082**, a highly critical SQL injection flaw affecting **PostgreSQL**-backed sites, and urged administrators to **upgrade immed...
CISA launches KEV Nomination Form
Public Sector Action
First: 21.05.2026 15:00
Last: 21.05.2026 15:00
Sources 1
About this happening:
CISA launched a **new Nomination Form** for the **KEV catalog**, giving **researchers, vendors, and industry partners** a direct way to report **known exploited vulnerabilities**....
Drupal Core database abstraction API SQL injection flaw (CVE-2026-9082)
Vulnerability
First: 21.05.2026 06:44
Last: 21.05.2026 06:44
Sources 1
How related:
The security flaw can be exploited without authentication, allowing attackers to trigger arbitrary SQL injection on PostgreSQL-powered sites via specially crafted requests.
About this happening:
**CVE-2026-9082** in **Drupal Core** is a **SQL injection** flaw in the **database abstraction API** that affects **PostgreSQL-backed sites** and can lead to **information disclos...
CISA KEV directive for CVE-2026-20133
Public Sector Action
First: 21.04.2026 15:30
Last: 21.04.2026 15:30
Sources 1
About this happening:
On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...
CISA KEV listing and FCEB patch order for Ivanti EPMM
Public Sector Action
First: 08.04.2026 21:15
Last: 08.04.2026 21:15
Sources 1
About this happening:
**CISA** added **CVE-2026-1340** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Ivanti Endpoint Manager Mobile (EPMM)** by **Saturday midnight, April 11**, forcin...
Timeline
- 26.05.2026 11:46 · 1 article
Imperva tracks large-scale attack attempts against Drupal sites
Exploitation Observed
Imperva observed more than 15,000 attack attempts targeting almost 6,000 Drupal sites across 65 countries after CVE-2026-9082 was released, with gaming and financial services sites accounting for nearly half of the traffic. The flaw is an unauthenticated SQL injection issue in Drupal's database abstraction API that can affect PostgreSQL-powered sites.
Sources:
- CISA orders feds to patch actively exploited Drupal vulnerability — www.bleepingcomputer.com — 26.05.2026 11:46
- 26.05.2026 11:46 · 2 articles
CISA adds CVE-2026-9082 to the KEV Catalog and orders patching
Legal Policy Action Update
CISA added CVE-2026-9082 to the Known Exploited Vulnerabilities (KEV) Catalog and ordered Federal Civilian Executive Branch agencies to patch Drupal systems by midnight on Wednesday, May 27, under Binding Operational Directive (BOD) 22-01. CISA also urged other organizations using Drupal to apply vendor mitigations or discontinue use if mitigations are unavailable.
Sources:
- CISA orders feds to patch actively exploited Drupal vulnerability — www.bleepingcomputer.com — 26.05.2026 11:46
- CISA orders feds to patch actively exploited Drupal vulnerability — www.bleepingcomputer.com — 26.05.2026 11:46
- 26.05.2026 11:46 · 1 article
Researcher discovers CVE-2026-9082 in Drupal's database abstraction API
Technical Analysis Update
Google/Mandiant researcher Michael Maturi discovered CVE-2026-9082 in Drupal's database abstraction API, and the Drupal security team marked the flaw highly critical, released patches, and confirmed exploitation attempts in the wild. Shadowserver also tracked nearly 670 unpatched Drupal installations exposed online, most of them in North America and Europe.
Sources:
- CISA orders feds to patch actively exploited Drupal vulnerability — www.bleepingcomputer.com — 26.05.2026 11:46