Incorrect Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Resource Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.1.11, from 1.2.0 before 1.2.

Description

Incorrect Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Resource Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.1.11, from 1.2.0 before 1.2.12.

References

https://www.drupal.org/sa-contrib-2026-028

Related News (1 articles)

Tier C

VulDB4h ago

CVE-2026-3573 | Drupal AI up to 1.1.10/1.2.11 authorization (sa-contrib-2026-028)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

CWECWE-863

Published3/26/2026

Last enriched2h agov2

Trending Score20

Source articles1

Independent1

Info Completeness5/14

Missing: vendor, product, cvss, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: verified

Confidence: 100%

Version History

Last enriched 2h ago

v2Tier C2h ago

Updated affected versions to 1.1.10 and 1.2.11, changed severity to HIGH, and marked the vulnerability as actively exploited.

affectedVersions

via VulDB

v14h ago

Initial creation