What is GHSA-ghwc-95x2-682j?

GHSA-ghwc-95x2-682j is a security advisory published by GitHub Security Advisories with Medium severity. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...

Which CVE IDs does GHSA-ghwc-95x2-682j cover?

GHSA-ghwc-95x2-682j covers the following CVE IDs: CVE-2026-9082. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-ghwc-95x2-682j?

GHSA-ghwc-95x2-682j has a CVSS v3 base score of 6.5, published by GitHub Security Advisories.

GHSA-ghwc-95x2-682jMediumCVSS 6.5

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...

Vendor

GitHub Security Advisories

Published

May 20, 2026

Last Modified

May 20, 2026

🔗 CVE IDs covered (1)

CVE-2026-9082 →

📋 Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection.

This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.

🔗 References (1)

https://github.com/advisories/GHSA-ghwc-95x2-682j