strobelpierre/CVE-2026-9082
GitHub: strobelpierre/CVE-2026-9082
Stars: 0 | Forks: 0
[](https://github.com/strobelpierre/CVE-2026-9082/actions/workflows/ci.yml)
# Drupal CVE-2026-9082 Scanner
Semi-passive scanner that detects Drupal installations potentially vulnerable to CVE-2026-9082 (PostgreSQL SQL injection).
## Vulnerable Versions
| Branch | Affected | Fixed |
|--------|-----------------|----------|
| 10.4.x | 8.9.0 — 10.4.9 | 10.4.10 |
| 10.5.x | 10.5.0 — 10.5.9 | 10.5.10 |
| 10.6.x | 10.6.0 — 10.6.8 | 10.6.9 |
| 11.1.x | 11.0.0 — 11.1.9 | 11.1.10 |
| 11.2.x | 11.2.0 — 11.2.11| 11.2.12 |
| 11.3.x | 11.3.0 — 11.3.9 | 11.3.10 |
## Install
# Direct download
curl -LO https://github.com/strobelpierre/CVE-2026-9082/releases/latest/download/drupal-cve-2026-9082-scanner.sh
chmod +x drupal-cve-2026-9082-scanner.sh
# Or clone
git clone https://github.com/strobelpierre/CVE-2026-9082.git
cd CVE-2026-9082
## Usage
# Basic scan
./scanner.sh https://target.tld
# JSON output
./scanner.sh --json https://target.tld
# CSV output (pipe-friendly)
./scanner.sh --csv https://target.tld
# Verbose mode with custom timeout
./scanner.sh --verbose --timeout 60 https://target.tld
# Combine: JSON + verbose debug on stderr
./scanner.sh --json -v https://target.tld 2>debug.log | jq .
### Options
| Flag | Description |
|-------------------|--------------------------------------|
| `--json` | Output results as JSON |
| `--csv` | Output results as CSV (header + row) |
| `--verbose`, `-v` | Debug output to stderr |
| `--timeout N` | HTTP timeout in seconds (default 30) |
| `--version` | Show scanner version |
| `-h`, `--help` | Show help |
### JSON Output Example
{
"scanner": "drupal-cve-2026-9082-scanner",
"scanner_version": "1.0.0",
"scan_date": "2026-05-27T10:30:00Z",
"target": "https://example.com",
"results": {
"drupal_detected": true,
"drupal_version": "11.2.5",
"version_vulnerable": true,
"postgresql_detected": true,
"endpoints_found": 3,
"endpoints": [
{"path": "/jsonapi", "status": 200},
{"path": "/user/login", "status": 200},
{"path": "/node", "status": 403}
],
"waf_detected": false,
"waf_name": "null",
"confidence_score": 90,
"confidence_level": "HIGH"
}
}
### CSV Batch Scanning
while read -r url; do
./scanner.sh --csv "$url" | tail -1
done < targets.txt >> results.csv
## Docker
# Build
docker build -t cve-2026-9082-scanner .
# Run
docker run --rm cve-2026-9082-scanner https://target.tld
docker run --rm cve-2026-9082-scanner --json https://target.tld
## Nuclei Template
Use the included template with [Nuclei](https://github.com/projectdiscovery/nuclei):
nuclei -t nuclei/CVE-2026-9082.yaml -u https://target.tld
nuclei -t nuclei/CVE-2026-9082.yaml -l targets.txt
## Detection Methods
1. **Drupal fingerprinting** — HTML body keywords, HTTP headers
2. **Version detection** — CHANGELOG.txt, X-Generator header, asset `?v=` parameter
3. **PostgreSQL indicators** — error strings, driver names in responses
4. **Endpoint probing** — /jsonapi, /user/login, /node, /admin (parallel)
5. **WAF detection** — Cloudflare, Akamai, Sucuri, Imperva, Fastly
## Legal
See [DISCLAIMER.md](DISCLAIMER.md). Use only with explicit authorization.
See [SECURITY.md](SECURITY.md) for reporting vulnerabilities in this tool.