AI Security Threat Feed

openclaw: operator scope bypass in phone arm/disarm cmds

GHSA-h2v7-xc88-xx8c

openclaw Patch: 2026.3.28 CWE-285 4 3 ATLAS 1 incident

Auth Bypass Agent Plugin

MEDIUM EXPLOIT AVAIL

MLflow: stored XSS via MLmodel YAML artifact upload

CVE-2026-33865

EPSS 0.0%

Code Execution Auth Bypass Data Extraction Framework Model

mlflow Patch: 3.11.1 CWE-79 624 4 ATLAS

MEDIUM EXPLOIT AVAIL

HuggingFace Transformers: RCE via malicious checkpoint load

Code Execution Supply Chain Framework Training Data

transformers Patch: 5.0.0rc3 CWE-502 7.8K 3 ATLAS

CRITICAL EXPLOIT AVAIL

PraisonAI: path traversal exposes full filesystem via agent tools

CVE-2026-35615

EPSS 0.1%

Data Extraction Code Execution Agent Framework

PraisonAI Patch: 1.5.113 CWE-22 1 5 ATLAS

Supply Chain Code Execution Agent Framework

PraisonAI: recipe registry path traversal file write

PraisonAI Patch: 4.5.113 CWE-22 1 4 ATLAS

Supply Chain Code Execution Agent Framework

PraisonAI: recipe path traversal allows arbitrary file write

PraisonAI Patch: 4.5.113 CWE-22 1 6 ATLAS

CRITICAL EXPLOIT AVAIL

PraisonAI: path traversal enables arbitrary file write/RCE

Code Execution Prompt Injection Supply Chain Agent Framework

PraisonAI Patch: 4.5.113 1 5 ATLAS

Supply Chain Code Execution Agent Framework

PraisonAI: Zip Slip enables arbitrary file write / RCE

PraisonAI Patch: 4.5.113 CWE-23 1 5 ATLAS

OpenClaw: script preflight bypass enables unsafe exec

CVE-2026-34425

EPSS 0.1%

Auth Bypass Code Execution Agent Plugin

openclaw Patch: 2026.4.2 CWE-184 4 4 ATLAS 1 incident

Supply Chain Model Poisoning Code Execution Framework Training Data

kedro-datasets: path traversal enables arbitrary file write

kedro-datasets Patch: 9.3.0 CWE-22 2.8K 3 ATLAS

HIGH

OpenClaw: PKCE verifier leak enables OAuth token theft

CVE-2026-34511

EPSS 0.0%

Auth Bypass Data Extraction Agent API

openclaw Patch: 2026.4.2 CWE-345 4 4 ATLAS

Supply Chain Code Execution Framework

BentoML: malicious bento archive RCE via Jinja2 SSTI

bentoml Patch: 1.4.38 CWE-1336 22 5 ATLAS

Supply Chain Code Execution Framework

BentoML: cmd injection RCE on cloud build infra

bentoml Patch: 1.4.38 CWE-78 22 5 ATLAS

CRITICAL

LiteLLM: auth bypass via JWT cache key collision

Auth Bypass Data Extraction API Framework Inference

litellm Patch: 1.83.0 CWE-287 4 4 ATLAS

UNKNOWN EXPLOIT AVAIL

LiteLLM: auth bypass allows RCE and full takeover

CVE-2026-35029

EPSS 14.9%

Auth Bypass Code Execution Data Extraction Framework API Inference

litellm Patch: 1.83.0 CWE-863 4 6 ATLAS

DoS Framework Inference API

vLLM: OOM DoS via unbounded video frame decoding

vllm Patch: 0.19.0 CWE-770 126 3 ATLAS

Data Extraction Auth Bypass Framework Inference

vLLM: SSRF in batch API exposes cloud metadata endpoints

vllm Patch: 0.19.0 CWE-918 126 5 ATLAS

vllm Patch: 0.19.0 CWE-770 126 4 ATLAS

vLLM: DoS via unbounded n parameter causes OOM crash

OpenClaw: SSRF in marketplace fetch hits internal AI infra

GHSA-9q7v-8mr7-g23p

Supply Chain Data Extraction Auth Bypass Plugin Inference Agent

openclaw Patch: 2026.3.31 CWE-918 4 4 ATLAS

HIGH

onnx: TOCTOU symlink following enables arbitrary file write

GHSA-q56x-g2fj-4rj6

7.1