AI Security Threat Feed

openclaw: local file exfiltration via trusted MEDIA refs

GHSA-qqq7-4hxc-x63c

Data Extraction Privacy Violation Agent Plugin

openclaw Patch: 2026.4.8 CWE-668 4 4 ATLAS 1 incident

OpenClaw: eval approval bypass enables unintended code exec

GHSA-q2gc-xjqw-qp89

Auth Bypass Code Execution Agent Framework

openclaw Patch: 2026.4.8 CWE-20 4 5 ATLAS 1 incident

OpenClaw: env var injection enables host RCE

GHSA-7437-7hg8-frrw

Code Execution Supply Chain Agent Plugin

openclaw Patch: 2026.4.8 CWE-184 4 5 ATLAS 1 incident

OpenClaw: wake hook trust violation elevates to System prompt

GHSA-jf56-mccx-5f3f

Prompt Injection Auth Bypass Agent Plugin

openclaw Patch: 2026.4.8 CWE-501 4 6 ATLAS 1 incident

openclaw: trust boundary bypass enables prompt injection

GHSA-gfmx-pph7-g46x

Prompt Injection Auth Bypass Agent Plugin

openclaw Patch: 2026.4.8 CWE-501 4 5 ATLAS 1 incident

CRITICAL

PraisonAI: RCE via shell injection in agent workflows

GHSA-2763-cj5r-c79m

9.7

Code Execution Prompt Injection Supply Chain Agent Framework

PraisonAI Patch: 4.5.121 CWE-78 1 6 ATLAS

LangChain: f-string template injection exposes object internals

GHSA-926x-3r5x-gfhw

5.3

Data Extraction Prompt Injection Framework

langchain-core Patch: 0.3.84 CWE-20 4.4K 4 ATLAS

CRITICAL

Marimo: pre-auth RCE via terminal WebSocket

GHSA-2679-6mx9-h9xc

Auth Bypass Code Execution Framework

marimo Patch: 0.23.0 CWE-306 2.9K 5 ATLAS

n8n-mcp: authenticated SSRF leaks cloud metadata

GHSA-4ggg-h7ph-26qr

8.5

Data Extraction Auth Bypass Privacy Violation Agent Framework Plugin

n8n-mcp Patch: 2.47.4 CWE-918 16 5 ATLAS

praisonaiagents: agent context leak + path traversal

GHSA-766v-q9x3-g744

6.5

Data Leakage Data Extraction Agent Framework

praisonaiagents Patch: 1.5.115 CWE-22 11 4 ATLAS

HIGH EXPLOIT AVAIL

praisonai: SSTI enables RCE via agent instructions

Code Execution Prompt Injection Data Extraction Agent Framework Plugin

praisonai Patch: 4.5.115 CWE-94 1 5 ATLAS

Auth Bypass Data Leakage Data Extraction Agent Framework

PraisonAI: unauth A2U stream leaks all agent activity

praisonai Patch: 4.5.115 CWE-200 1 5 ATLAS

CRITICAL

praisonaiagents: sandbox escape enables host RCE

Code Execution Auth Bypass Agent Framework

praisonaiagents Patch: 1.5.115 CWE-657 11 5 ATLAS

CRITICAL EXPLOIT AVAIL

PraisonAI: YAML deserialization enables unauthenticated RCE

Code Execution Supply Chain Agent Framework

praisonai Patch: 4.5.115 CWE-502 1 5 ATLAS

MEDIUM EXPLOIT AVAIL

LobeChat: auth bypass via forged XOR obfuscated header

Auth Bypass Data Extraction DoS API Inference

@lobehub/lobehub Patch: 2.1.48 CWE-287 3.7K 5 ATLAS

LiteLLM: auth bypass chain enables full privilege escalation

GHSA-69x8-hrgq-fjj8

Auth Bypass Data Extraction Privacy Violation API Inference Framework

litellm Patch: 1.83.0 CWE-200 4 5 ATLAS

MONAI: pickle deserialization RCE in Auto3DSeg

GHSA-89gg-p5r5-q6r4

7.7

Code Execution Supply Chain Framework Training Data

monai Patch: 1.5.2 CWE-502 105 4 ATLAS

OpenClaw: cleartext WebSocket exposes gateway credentials

GHSA-83f3-hh45-vfw9

Data Leakage Auth Bypass Agent

openclaw Patch: 2026.4.2 CWE-200 4 3 ATLAS 1 incident

openclaw: timing side-channel leaks shared-secret length

GHSA-jj6q-rrrf-h66h

Auth Bypass Data Extraction Agent Framework

openclaw Patch: 2026.4.2 CWE-208 4 3 ATLAS 1 incident

OpenClaw: Zalo webhook dedup collision silently drops events

GHSA-rxmx-g7hr-8mx4