Drupal Core SQL injection is now under active exploitation.

Drupal Core SQL injection is now under active exploitation.
CISA added CVE-2026-9082 to its Known Exploited Vulnerabilities catalog after reports of real-world exploitation. The bug affects Drupal Core’s database abstraction layer, especially PostgreSQL-backed installations, and can allow unauthenticated SQL injection leading to privilege escalation or remote compromise. Reports say exploitation activity has already reached thousands of attempts across dozens of countries, so exposed Drupal sites should be patched immediately.