{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T08:25:19.482","vulnerabilities":[{"cve":{"id":"CVE-2025-31693","sourceIdentifier":"mlhess@drupal.org","published":"2025-03-31T22:15:21.983","lastModified":"2025-04-15T14:58:25.040","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Drupal AI (Artificial Intelligence) allows OS Command Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.5."},{"lang":"es","value":"Vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando del sistema operativo ('Inyección de comando del sistema operativo') en Drupal AI (Artificial Intelligence) permite la inyección de comandos del sistema operativo. Este problema afecta a AI (Inteligencia Artificial): desde 0.0.0 antes de 1.0.5."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.7,"impactScore":5.9}]},"weaknesses":[{"source":"mlhess@drupal.org","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:artificial_intelligence:*:*:*:*:*:drupal:*:*","versionEndExcluding":"1.0.5","matchCriteriaId":"302F693F-2E72-44ED-AC23-F7A8A7CAA82D"}]}]}],"references":[{"url":"https://www.drupal.org/sa-contrib-2025-022","source":"mlhess@drupal.org","tags":["Vendor Advisory"]}]}}]}