Auth bypass in Drupal Ai (Artificial Intelligence)

CVE-2026-3573

Incorrect Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Resource Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.1.11, from 1.2.0 before 1.2.12.

Vulnerability class: Broken Access Control

EPSS: 0.001 (20.8th percentile) — read the EPSS interpretation.