Security Advisory

CVE-2026-9082

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-05-20 18:20:52

Last updated 2026-05-23 03:55:38

Assigner drupal

State PUBLISHED

Description

Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.

← Browse all CVEs View on cve.org ↗