Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

Thursday, May 21, 2026 at 10:58 AM UTC·Source: SecurityWeek

Updated: Thursday, May 21, 2026 at 11:00 AM UTC

Executive Summary

CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code execution. The post Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking appeared first on SecurityWeek .

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-9082

NVD MITRE CVE

Source Attribution

Originally published by SecurityWeek on May 21, 2026.

Related Threats

LOWVulnerability

CISA to allow researchers to report vulnerabilities to exploited bugs catalog

The Cybersecurity and Infrastructure Security Agency (CISA) announced the creation of a nomination form on Thursday that they said enables “researchers, vendors, and industry partners” to report bugs that need to be added to the Known Exploited Vulnerabilities catalog.

1h agoThe Record

LOWVulnerability

Google leaks details for Chromium bug that can turn browsers into bots

Chromium — the open-source browser that underpins Google Chrome, Microsoft Edge, and Opera, among others — contains an unpatched vulnerability that attackers can exploit to execute JavaScript code persistently across browser restarts. As a result, the flaw can be used to hijack users’ browsers for distributed denial-of-service attacks, run crypto miners, and more. The vulnerability was reported ov

2h agoCSO Online

MEDIUMVulnerability

Friday Squid Blogging: Regulating Squid Fishing in the South Pacific

The South Pacific Regional Fisheries Management Organization (SPRFMO) needs to regulate squid fishing in the South Pacific. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

5h agoSchneier on Security