Drupal has patched CVE-2026-9082, a critical vulnerability that allows unauthenticated attackers to execute remote code, escalate privileges, and disclose information on affected websites.

This is an ingested summary. Full reporting is available at the primary source below.