
Drupal
Drupal Core CVE-2026-9082: PostgreSQL SQL Injection Patch Guide
CISA now lists Drupal CVE-2026-9082 in KEV. Patch PostgreSQL-backed Drupal sites first, then update Symfony and Twig dependencies across supported Drupal 10 and 11 sites.

CISA now lists Drupal CVE-2026-9082 in KEV. Patch PostgreSQL-backed Drupal sites first, then update Symfony and Twig dependencies across supported Drupal 10 and 11 sites.

Patch Drupal SAML SSO Service Provider CVE-2026-5343 by updating to 3.1.4 or newer and reviewing SSO logs, role mapping, and admin accounts.

Patch Drupal core CVE-2026-6365 by updating supported Drupal 10 and 11 branches, rebuilding caches, and verifying editor workflows.

Patch Drupal Date iCal CVE-2026-8495 by updating to 4.0.15 or newer, rebuilding caches, and reviewing private calendar feed exposure.