CVE-2026-3573
HIGH7.5EPSS 0.07%Published: 3/11/2026Modified: 3/26/2026
Description
The module and certain submodules (AI Automators, AI Translate, AI API Explorer, AI Content Suggestions) provide the ability to use an LLM to generate HTML or Markdown and preview it in a browser. Under certain circumstances, rendering of this HTML can lead to exposing secret communications in the context of the LLM request.
Affected packages (1)
- Packagist/drupal/aifrom 0, < 1.1.11 | >= 1.2.0, < 1.2.12
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| nvd | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |