Security News > 2019 > February > Drupal RCE Flaw Exploited in Attacks Days After Patch

Drupal RCE Flaw Exploited in Attacks Days After Patch

2019-02-26 08:00

A vulnerability patched recently in the Drupal content management system (CMS) has been exploited in the wild to deliver cryptocurrency miners and other payloads. The attacks started just three days after a fix was released. read more

News URL

http://feedproxy.google.com/~r/Securityweek/~3/gZs_oytaJBw/drupal-rce-flaw-exploited-attacks-days-after-patch

#attack #drupal #patch #RCE

Related news

CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN (source)
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now (source)
MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors (source)
Critical PHP RCE vulnerability mass exploited in new attacks (source)
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Drupal		15	0	66	45	14	125

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.