CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-15082

highcovered by 2 sourcesfirst seen 2026-07-09
An attacker can exploit multiple vulnerabilities in Drupal to perform SQL injection attacks, bypass security measures, disclose confidential information, and conduct cross-site scripting attacks.

CSIRTS triage

What
Multiple vulnerabilities allow an attacker to perform SQL injection, bypass security measures, and conduct cross-site scripting attacks.
Who is affected
Deployments of Drupal and its modules are affected.
Urgency
Remediation is urgent due to the high severity of the vulnerabilities.
Action
Update to the latest versions of affected modules.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-15082

Get an email if CVE-2026-15082 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Advisory coverage (2)

External references

NVD record for CVE-2026-15082

CVE.org record

Embed the live status

CVE-2026-15082 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-15082 status](https://www.csirts.com/badge/CVE-2026-15082)](https://www.csirts.com/cve/CVE-2026-15082)