AI Threat Alert
Attack Type
Prompt Injection
Prompt injection is an attack technique where an adversary crafts malicious input to manipulate LLM behavior, bypassing system instructions to execute unauthorized actions, extract data, or alter outputs. It is the most prevalent attack vector against AI systems.
58
Total CVEs
3
Pages
Page 2 of 3
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| UNKNOWN | CVE-2025-59532 | OpenAI Codex CLI: sandbox escape via model-generated cwd | - | |
| UNKNOWN | CVE-2024-48919 | Cursor IDE: prompt injection triggers terminal RCE | - | |
| CRITICAL | CVE-2024-12366 | PandasAI: prompt injection enables unauthenticated RCE | 9.8 | |
| UNKNOWN | CVE-2024-10950 | gpt_academic: RCE via unsandboxed prompt injection | gpt_academic | - |
| HIGH | CVE-2024-12911 | llama-index: SQLi+DoS via prompt injection in query engine | llamaindex | 7.1 |
| HIGH | CVE-2025-66404 | mcp-server-kubernetes: Command Injection enables RCE | 8.8 | |
| LOW | CVE-2026-24764 | OpenClaw: indirect prompt injection via Slack metadata | openclaw | 3.7 |
| HIGH | CVE-2026-26321 | OpenClaw: path traversal enables local file exfiltration | openclaw | 7.5 |
| CRITICAL | CVE-2024-23751 | LlamaIndex: SQL injection in Text-to-SQL feature | llamaindex | 9.8 |
| UNKNOWN | CVE-2025-34072 | Slack MCP: zero-click exfiltration via link unfurling | - | |
| UNKNOWN | CVE-2025-55012 | Zed Agent Panel: AI agent RCE via permissions bypass | - | |
| CRITICAL | CVE-2025-67511 | cai-framework: Command Injection enables RCE | 9.6 | |
| HIGH | CVE-2026-27001 | OpenClaw: prompt injection via unsanitized workspace path | openclaw | 7.8 |
| CRITICAL | CVE-2026-27825 | mcp-atlassian: Path Traversal enables file access | mcp-atlassian | 9.1 |
| HIGH | CVE-2026-27826 | mcp-atlassian: SSRF allows internal network access | mcp-atlassian | 8.2 |
| CRITICAL | CVE-2026-25481 | langroid: Code Injection enables RCE | - | |
| CRITICAL | CVE-2026-25130 | cai-framework: Command Injection enables RCE | 9.7 | |
| MEDIUM | GHSA-gpx9-96j6-pp87 | agentos-taskweaver: Protection Bypass circumvents security controls | 6.5 | |
| CRITICAL | CVE-2023-32785 | LangChain: prompt injection → SQL RCE (CVSS 9.8) | langchain | 9.8 |
| UNKNOWN | CVE-2026-33873 | Langflow: server-side RCE via LLM-generated code exec | langflow | - |