AI Security Threat Feed

Code Execution Auth Bypass Supply Chain Agent Framework Plugin

praisonai: RCE via unpatched tool_override exec_module

praisonai Patch: 4.6.32 CWE-94 1 5 ATLAS

Auth Bypass Data Extraction Agent Plugin

praisonaiagents: SSRF via URL parser confusion bypass

CVE-2026-44335

EPSS 0.0%

5d ago

praisonaiagents Patch: 1.6.32 CWE-918 11 4 ATLAS

Supply Chain Code Execution Framework

GitPython: git config injection enables hook RCE

GitPython Patch: 3.1.49 CWE-94 81 3 ATLAS

vllm Patch: 0.20.0 CWE-131 127 2 ATLAS

vLLM: speculative decoding DoS via penalty params

Code Execution Social Engineering Supply Chain Framework Plugin

JupyterLab: one-click RCE via notebook HTML cell output

CVE-2026-42557

5d ago

notebook Patch: 7.5.6 CWE-79 2.9K 8 ATLAS

DoS Supply Chain Framework API

mistune: ReDoS exposes Jupyter/AI services to DoS

CVE-2026-33079

EPSS 0.0%

5d ago

mistune Patch: 3.2.1 CWE-1333 1.9K 4 ATLAS

vLLM: token injection DoS via multimodal placeholders

CVE-2026-44222

6.5

DoS Prompt Injection Inference Model Framework

vllm Patch: 0.20.0 CWE-129 127 5 ATLAS

LOW

ciguard: symlink traversal exposes secrets via MCP agent

CVE-2026-44220

Data Extraction Supply Chain Agent Plugin

CWE-59 6 ATLAS

JupyterLab: Extension allow-list bypass enables privesc

CVE-2026-42266

8.8

Supply Chain Auth Bypass Code Execution Framework Plugin

jupyterlab Patch: 4.5.7 CWE-20 1.9K 4 ATLAS

wireshark-mcp: path traversal enables arbitrary file write via MCP

CVE-2026-43901

6.8

Prompt Injection Code Execution Supply Chain Agent Plugin

CWE-22 5 ATLAS

Prompt Injection Code Execution Agent Framework

PPTAgent: eval injection enables RCE via LLM prompt injection

CWE-95 5 ATLAS

openclaw: Model bypasses authz to persist unsafe config

GHSA-cwj3-vqpp-pmxr

8.8

Prompt Injection Auth Bypass Code Execution Agent Plugin Framework

openclaw Patch: 2026.4.23 CWE-862 4 5 ATLAS 1 incident

OpenClaw: RCE via malicious repo setup-api.js

GHSA-r39h-4c2p-3jxp

7.8

Supply Chain Code Execution Agent Plugin

openclaw Patch: 2026.4.23 CWE-94 4 4 ATLAS 1 incident

openclaw: stale webhook secret survives credential rotation

GHSA-q8ff-7ffm-m3r9

6.0

openclaw Patch: 2026.4.23 CWE-613 4 3 ATLAS 1 incident

Auth Bypass Agent Plugin

CRITICAL

Langflow: path traversal allows arbitrary directory deletion

CVE-2026-42048

9.6

DoS Auth Bypass Framework RAG

langflow Patch: 1.9.0 CWE-22 3 ATLAS

JupyterHub: CSRF bypass on spawn and share endpoints

CVE-2026-40864

5.4

Auth Bypass DoS Framework

jupyterhub Patch: 5.4.5 CWE-352 1.9K 4 ATLAS

LobeChat: XSS-to-RCE via exposed Electron IPC

CVE-2026-42045

6.2

Code Execution Prompt Injection Social Engineering API Agent

@lobehub/lobehub CWE-78 3.7K 6 ATLAS

LOW EXPLOIT AVAIL

Langchain-Chatchat: predictable file IDs leak uploaded files

Data Extraction Privacy Violation Framework API

langchain-chatchat CWE-310 2.6K 4 ATLAS

Auth Bypass Data Extraction Framework API

jupyter-server: auth cookie survives password reset

jupyter-server Patch: 2.18.0 CWE-613 1.9K 4 ATLAS

Jupyter Server: CORS bypass via regex anchor omission

CVE-2026-40110

EPSS 0.1%