RCE in Drupal Ai (Artificial Intelligence)

CVE-2025-31693

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Drupal AI (Artificial Intelligence) allows OS Command Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.003 (57.1th percentile) — read the EPSS interpretation.

Affected products

Drupal Ai (Artificial Intelligence) — versions 0.0.0

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

www.drupal.org/sa-contrib-2025-022