Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privilege escalation, or information disclosure.
The vulnerability, now tracked as CVE-2026-9082, carries a CVSS score of 6.5 out of 10.0, per CVE.org. Drupal said the vulnerability resides in a database abstraction API that is
source https://thehackernews.com/2026/05/highly-critical-drupal-core-flaw.html
source https://thehackernews.com/2026/05/highly-critical-drupal-core-flaw.html
