SQL injection on Drupal sites using PostgreSQL

Drupal has issued a security advisory (SA-CORE-2026-004) warning of an SQL injection vulnerability affecting sites using PostgreSQL. The flaw could allow an attacker to inject malicious SQL queries. Users are advised to update to the latest Drupal core version to mitigate the risk.