In March 2025 the Drupal Security Team released https://www.drupal.org/sa-contrib-2025-021 (assigned CVE-2025-3169) which addressed a Remote Code Execution vulnerability in the Artificial Intelligence (AI) contributed module, which is included in Drupal CMS.
I discovered this vulnerability, and I think it's an interesting one that warrants a closer look.
