Drupal Artificial Intelligence
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Drupal Artificial Intelligence.
By the Year
In 2026 there have been 4 vulnerabilities in Drupal Artificial Intelligence with an average score of 6.0 out of ten. Last year, in 2025 Artificial Intelligence had 2 security vulnerabilities published. That is, 2 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 4 | 5.95 |
| 2025 | 2 | 0.00 |
It may take a day or so for new Artificial Intelligence vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Drupal Artificial Intelligence Security Vulnerabilities
Drupal AI Missing Auth v1.4.3 Forceful Browse (CVE-2026-13235)
CVE-2026-13235
- July 10, 2026
Missing Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Forceful Browsing. This issue affects AI (Artificial Intelligence) versions: from 0.0.0 to 1.2.17, from 1.3.0 to 1.3.8, from 1.4.0 to 1.4.3.
AuthZ
Drupal AI (0.0.01.4.3) XSS Vulnerability
CVE-2026-13234
- July 10, 2026
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal AI (Artificial Intelligence) allows Cross-Site Scripting (XSS). This issue affects AI (Artificial Intelligence) versions: from 0.0.0 to 1.2.17, from 1.3.0 to 1.3.8, from 1.4.0 to 1.4.3.
XSS
Drupal AI <1.1.11 & <1.2.12: Incorrect Auth Enables Resource Injection
CVE-2026-3573
7.5 - High
- March 26, 2026
Incorrect Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Resource Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.1.11, from 1.2.0 before 1.2.12.
AuthZ
Drupal AI XSS CVE-2025-13981 v<1.1.7 or <1.2.4
CVE-2025-13981
4.4 - Medium
- January 28, 2026
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal AI (Artificial Intelligence) allows Cross-Site Scripting (XSS).This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.7, from 1.1.0 before 1.1.7, from 1.2.0 before 1.2.4.
XSS
Drupal AI OS Command Injection CVE-2025-31693 (before 1.0.5)
CVE-2025-31693
- March 31, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Drupal AI (Artificial Intelligence) allows OS Command Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.5.
Shell injection
Drupal AI OS Command Injection (before 1.0.5)
CVE-2025-31692
- March 31, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Drupal AI (Artificial Intelligence) allows OS Command Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.5.
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Drupal Artificial Intelligence or by Drupal? Click the Watch button to subscribe.