AML.T0101

Data Destruction via AI Agent Tool Invocation

Adversaries may invoke an AI agent's tool capable of performing mutative operations to perform Data Destruction. Adversaries may destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources.

18 CVEs mapped View on MITRE ATLAS →

Severity	CVE	Headline	Package	CVSS
CRITICAL	CVE-2026-25592	semantic-kernel: Path Traversal enables file access	semantic-kernel	9.9
CRITICAL	CVE-2025-61913	Flowise: path traversal in file tools leads to RCE	flowise	9.9
CRITICAL	CVE-2024-23751	LlamaIndex: SQL injection in Text-to-SQL feature	llamaindex	9.8
CRITICAL	CVE-2024-7042	LangChainJS: prompt injection enables full graph DB takeover	langchain	9.8
CRITICAL	CVE-2024-8309	LangChain GraphCypher: prompt injection enables DB wipe	langchain	9.8
CRITICAL	CVE-2024-7774	LangChain.js: path traversal, arbitrary file read/write	langchain.js	9.1
CRITICAL	CVE-2026-21445	langflow: Missing Auth allows unauthenticated access	langflow	9.1
CRITICAL	CVE-2026-39305	PraisonAI: path traversal enables arbitrary file write/RCE	PraisonAI	9.0
HIGH	GHSA-qwgj-rrpj-75xm	PraisonAI: hardcoded approval bypass enables RCE	PraisonAI	8.8
HIGH	CVE-2026-33053	langflow: IDOR enables unauthorized data access	langflow	8.8
HIGH	CVE-2026-27498	n8n: Code Injection enables RCE	n8n	8.8
HIGH	CVE-2026-33989	@mobilenext/mobile-mcp: path traversal via AI agent tool		8.1
HIGH	CVE-2024-0453	WordPress ChatBot: missing authz deletes OpenAI files	wpbot	7.7
MEDIUM	CVE-2026-6542	Langflow: IDOR exposes cross-tenant flow data and deletion	langflow	6.5
MEDIUM	CVE-2026-29070	open-webui: missing authz allows cross-KB file deletion	open-webui	5.4
MEDIUM	GHSA-m34q-h93w-vg5x	openclaw: path traversal enables remote dir overwrite	openclaw	—
HIGH	GHSA-28g4-38q8-3cwc	Flowise: Cypher injection allows full Neo4j DB wipe	flowise-components	—
UNKNOWN	CVE-2026-41274	Flowise: Cypher injection via GraphCypherQAChain node	flowise	—