AI Threat Alert
Attack Type
Prompt Injection
Prompt injection is an attack technique where an adversary crafts malicious input to manipulate LLM behavior, bypassing system instructions to execute unauthorized actions, extract data, or alter outputs. It is the most prevalent attack vector against AI systems.
58
Total CVEs
3
Pages
Page 3 of 3
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2026-28788 | Open WebUI: BOLA enables RAG poisoning via file overwrite | open-webui | 7.1 |
| HIGH | CVE-2026-33989 | @mobilenext/mobile-mcp: path traversal via AI agent tool | 8.1 | |
| UNKNOWN | CVE-2026-2285 | CrewAI: arbitrary file read via JSON loader tool | - | |
| UNKNOWN | CVE-2026-4399 | 1millionbot Millie: Boolean prompt injection bypasses restrictions | - | |
| MEDIUM | CVE-2026-34451 | anthropic-ai/sdk: memory tool path traversal escape | @anthropic-ai/sdk | - |
| HIGH | CVE-2026-34954 | praisonaiagents: SSRF leaks cloud IAM credentials | praisonaiagents | 8.6 |
| HIGH | CVE-2026-34955 | PraisonAI: sandbox escape via shell=True blocklist bypass | praisonai | 8.8 |
| HIGH | CVE-2026-34937 | PraisonAI: OS command injection via run_python() shell escape | praisonaiagents | 7.8 |
| CRITICAL | CVE-2026-34938 | praisonaiagents: sandbox bypass enables full host RCE | praisonaiagents | 10.0 |
| HIGH | CVE-2026-35394 | mobile-mcp: intent injection enables device control via AI agent | 8.3 | |
| CRITICAL | CVE-2026-39305 | PraisonAI: path traversal enables arbitrary file write/RCE | PraisonAI | 9.0 |
| MEDIUM | GHSA-846p-hgpv-vphc | OpenClaw: path traversal → host file exfiltration via QQ Bot | openclaw | - |
| MEDIUM | CVE-2026-39398 | openclaw-claude-bridge: sandbox bypass exposes CLI tools | claude-code | - |
| HIGH | CVE-2026-39891 | praisonai: SSTI enables RCE via agent instructions | praisonai | 8.8 |
| CRITICAL | GHSA-2763-cj5r-c79m | PraisonAI: RCE via shell injection in agent workflows | PraisonAI | 9.7 |
| MEDIUM | GHSA-926x-3r5x-gfhw | LangChain: f-string template injection exposes object internals | langchain-core | 5.3 |
| HIGH | GHSA-jf56-mccx-5f3f | OpenClaw: wake hook trust violation elevates to System prompt | openclaw | - |
| HIGH | GHSA-gfmx-pph7-g46x | openclaw: trust boundary bypass enables prompt injection | openclaw | - |
Page 3 of 3