System	Score	Found at
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2025-31674
cvssv4	4.5	https://github.com/drupal/core
generic_textual	MODERATE	https://github.com/drupal/core
cvssv4	4.5	https://nvd.nist.gov/vuln/detail/CVE-2025-31674
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2025-31674
cvssv3.1	7.5	https://www.drupal.org/sa-core-2025-003
cvssv4	4.5	https://www.drupal.org/sa-core-2025-003
generic_textual	MODERATE	https://www.drupal.org/sa-core-2025-003
ssvc	Track	https://www.drupal.org/sa-core-2025-003

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2025-31674
		https://github.com/drupal/core
		https://nvd.nist.gov/vuln/detail/CVE-2025-31674
		https://www.drupal.org/sa-core-2025-003
GHSA-2qph-q8xw-gv7q		https://github.com/advisories/GHSA-2qph-q8xw-gv7q

No exploits are available.

Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U Found at https://github.com/drupal/core

Attack Vector (AV)	Attack Complexity (AC)	Attack Requirements (AT)	Privileges Required (PR)	User Interaction (UI)	Vulnerable System Impact Confidentiality (VC)	Vulnerable System Impact Integrity (VI)	Vulnerable System Impact Availability (VA)	Subsequent System Impact Confidentiality (SC)	Subsequent System Impact Integrity (SI)	Subsequent System Impact Availability (SA)
network adjacent local physical	low high	none present	none low high	none passive active	high low none	high low none	high low none	high low none	high low none	high low none

Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U Found at https://nvd.nist.gov/vuln/detail/CVE-2025-31674

Attack Vector (AV)	Attack Complexity (AC)	Attack Requirements (AT)	Privileges Required (PR)	User Interaction (UI)	Vulnerable System Impact Confidentiality (VC)	Vulnerable System Impact Integrity (VI)	Vulnerable System Impact Availability (VA)	Subsequent System Impact Confidentiality (SC)	Subsequent System Impact Integrity (SI)	Subsequent System Impact Availability (SA)
network adjacent local physical	low high	none present	none low high	none passive active	high low none	high low none	high low none	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://www.drupal.org/sa-core-2025-003

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U Found at https://www.drupal.org/sa-core-2025-003

Attack Vector (AV)	Attack Complexity (AC)	Attack Requirements (AT)	Privileges Required (PR)	User Interaction (UI)	Vulnerable System Impact Confidentiality (VC)	Vulnerable System Impact Integrity (VI)	Vulnerable System Impact Availability (VA)	Subsequent System Impact Confidentiality (SC)	Subsequent System Impact Integrity (SI)	Subsequent System Impact Availability (SA)
network adjacent local physical	low high	none present	none low high	none passive active	high low none	high low none	high low none	high low none	high low none	high low none

---

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-03T17:16:59Z/ Found at https://www.drupal.org/sa-core-2025-003

---

Percentile	0.54772
EPSS Score	0.00314
Published At	May 30, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-05-30T22:54:28.227788+00:00	EPSS Importer	Import	https://epss.cyentia.com/epss_scores-current.csv.gz	38.6.0