CVE lookup
CVE-2026-9082
Pruva has a verified reproduction for CVE-2026-9082: Drupal core: unauthenticated SQL injection via JSON:API filter array keys. The canonical evidence record is REPRO-2026-00133.
REPRO
REPRO-2026-00133
Package
drupal/core · composer
Severity
CRITICAL
Status
published