Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Drupal Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2026-9082 - Vulnerability Database
Drupal

Drupal Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2026-9082

Critical
Reference: CVE-2026-9082
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2026-9082
Title: Drupal Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

Improper Neutralization of Special Elements used in an SQL Command (39SQL Injection39) vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10 from 10.5.0 before 10.5.10 from 10.6.0 before 10.6.9 from 11.0.0 before 11.1.10 from 11.2.0 before 11.2.12 from 11.3.0 before 11.3.10.