The Hacker News

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Drupal released security updates for a highly critical Drupal Core vulnerability affecting sites that use PostgreSQL.
SecurityWeek

Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation

Drupal is warning users that it’s preparing a patch for a ‘highly critical’ vulnerability that may be exploited shortly after ...

Clear your calendar, Drupal user: You have a critically urgent patch to install

The Drupal Security Team’s Monday PSA announcing the imminent patch for Drupal core doesn’t include any specifics, with the ...

Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...
Tech Times

Drupal Core Patch Drops Today: No-Login Flaw Puts Government and University Sites at Immediate Risk

The Drupal Security Team is releasing patches for all supported core branches today, May 20, 2026, between 17:00 and 21:00 ...

Drupal critical update to fix bug with high exploitation risk

Drupal has announced a "core security release" scheduled for later today, warning that threat actors might develop exploits ...
Arabian Post

Drupal flaw draws urgent patch race

US cyber authorities have added a critical Drupal Core SQL injection flaw to their exploited-vulnerabilities list after attacks began targeting unpatched websites using PostgreSQL databases, ...