The Hacker News

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

Drupal CVE-2026-9082 exploitation hit 15,000 attempts across 65 countries, forcing urgent patches by May 27, 2026.
SecurityWeek

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

Drupal has patched CVE-2026-9082, a highly critical vulnerability that could allow threat actors to hack websites.

Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...
The Hacker News

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Drupal released security updates for a highly critical Drupal Core vulnerability affecting sites that use PostgreSQL.
SecurityWeek

SAP Patches Critical S/4HANA, Commerce Vulnerabilities

SAP has released 15 new security notes, including two addressing critical code injection flaws in S/4HANA and Commerce.
TechRepublic

Patch Tuesday: Microsoft Addresses 137 Vulnerabilities, Including High-Severity SQL Server RCE

Microsoft’s July 2025 Patch Tuesday fixes 137 vulnerabilities, including critical flaws in SQL Server, Netlogon, Office, and the .NET Framework. Microsoft’s July 2025 Patch Tuesday rollout delivered ...

SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA

SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical ...