By StephaneQ , Thu, 05/21/2026 - 16:52 SA-CORE-2026-004: Highly critical SQL Injection vulnerability in Drupal Core Drupal SA-CORE-2026-004 is a highly critical SQL Injection vulnerability affecting PostgreSQL-based Drupal sites. This article explains the affected versions, root cause, fix and recommended update actions.