CVE-2026-9082: Drupal's Highly Critical SQL Injection Flaw Is Already Under Active Attack

Attackers began exploiting Drupal SQL injection vulnerability CVE-2026-9082 within 48 hours of patch release.

Security Affairs

CMS Drupal: Highly critical Drupal Core update announced for May 20

An urgent security update for Drupal Core will be released on the evening of Wednesday, May 20. Admins should install it promptly.

heise online

📰 Critical Unauthenticated SQLi Flaw in Drupal Core Hits PostgreSQL Sites

🚨 CRITICAL vulnerability in Drupal Core (CVE-2026-9082)! Unauthenticated SQL injection affects sites using PostgreSQL, allowing for potential RCE. Patch immediately! #Drupal #CyberSecurity #SQLi #Vulnerability

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/critical-sql-injection-vulnerability-cve-2026-9082-in-drupal-core-for-postgresql/?utm_source=mastodon&utm_medium=social&utm_campaign=daily

You had me at "A modern issue editor with proper markdown, real code blocks, syntax highlighting, image paste, and a mobile-friendly UI." 😍

Via Fran Garcia-Linares (fjgarlin on d.o.) with another update on the #Drupal issue migration:

https://www.drupal.org/drupalorg/blog/gitlab-issue-migration-a-contributors-perspective 🚀🎉

GitLab issue migration: a contributor's perspective

This is the fourth post in our GitLab issue migration series. The earlier posts focused on what is changing and how maintainers should set up their projects. This one is for the rest of us — the people who file bugs, review code, push fixes, and triage queues without wearing a maintainer hat. If your favorite contrib project has just moved its issues to git.drupalcode.org, here's what you need to know.

What's changed at a glance

When a project's issues are migrated, they move from www.drupal.org/project/{name}/issues to git.drupalcode.org/project/{name}/-/work_items.

Drupal.org

New release of #Drupal Code Builder, 4.6.5. Some minor bugfixes. https://github.com/drupal-code-builder/drupal-code-builder/releases/tag/4.6.5

Release 4.6.5 · drupal-code-builder/drupal-code-builder

Bug fixes: Fixed service parameters in YAML not quoted. Fixes #426. Fixed checkboxes and radios elements need an #options property. Fixes #427. Fixed form array renderer not writing a closing brac...

GitHub

The Programmer’s Fulcrum: 15 May, 2026

This article originally appeared on The Fulcrum.

Welcome to this week’s The Programmer’s Fulcrum.

It’s your weekly curation of the essential news in the Open Media Network and Fediverse development communities with a focus on devastating big tech via Techno Anarchism.

As usual, we aim to provide actionable content you can use to destroy Techno Feudalism each week. It has the additional […]

https://newsletter.mobileatom.net/the-programmers-fulcrum-15-may-2026/ #ActivityPub #AI #ATProto #Beehiv #Buttondown #CastLab #Codeberg #CSS #Drupal #Elefeed #Emacs #Ente #FDroid #Faircamp #Fcast #Fedify #FediLab #FediProfile #fediverse #ForgeCMS #Forgejo #freebsd #Ghost #git #GitLab #Holos #HTML #HTTP #IndieWeb #javascript #LibreOffice #Librewolf #Linux #Mastodon #Matrix #MicroBlog #Movim #OMN #pckt #Pica #PostmarketOS #PureBlog #RSS #Silex #Snac #Substack #WebComponents #Webrings #WordPress #xPrivo #xWiki

Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier this week.

BleepingComputer

A critical SQL injection flaw in Drupal is now actively targeted, with thousands of exploitation attempts already recorded. While some CVSS scores rate it 'medium,' Drupal's own 'highly critical' assessment is the one to trust, especially for PostgreSQL users. This unauthenticated vulnerability in the database abstraction API can lead to full Remote Code Execution. Patch your Drupal sites…

https://www.tpp.blog/1ap9p1k

#cybersecurity #drupal #sqlinjection

🤖 This post was AI-generated.

1000% this:

The gap between #Drupal and its reputation | Dries Buytaert
https://dri.es/the-gap-between-drupal-and-its-reputation

The gap between Drupal and its reputation

Drupal is stronger than its reputation, but unless the community tells that story, the outdated one wins.