Flowise: Airtable_Agent Code Injection Remote Code Execution Vulnerability

PraisonAI Vulnerable to OS Command Injection

PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection

OpenClaude Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` Input

GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service

langchain-ai/langchainjs versions 0.2.5 and all versions with this class allows for prompt injection, leading to SQL injection. This vulnerability permits unauthorized data manipulation, data exfiltration, denial of service

PandasAI uses an interactive prompt function that is vulnerable to prompt injection and run arbitrary Python code that can lead to Remote Code Execution (RCE) instead of the intended explanation

DeepSeek TUI: run_tests Tool Enables RCE via Malicious Repository

from the lack of proper sandboxing when evaluating an LLM generated python script. Using prompt injection techniques, an unauthenticated attacker with the ability to send prompts to a chatflow using

Flowise: CSV Agent Prompt Injection Remote Code Execution Vulnerability

sandbox escape, denial of service by crashing the server, server-side request forgery, prompt injection, and server

LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method

OpenClaw Agent Platform v2026.2.6 allows attackers to execute arbitrary code via a Request-Side prompt injection attack

function and markdown image processing. Attackers can influence tool calls through direct manipulation or prompt injection to trigger requests to internal services and re-upload responses as Feishu media

result, an attacker can execute arbitrary Python and OS commands on the server via prompt injection, leading to full Remote Code Execution (RCE). Version 1.8.0 fixes the issue

langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise the application

Langroid has Prompt to SQL Injection, Leading

Langchain SQL Injection vulnerability

npm PraisonAI AgentOS exposes unauthenticated agent listing and invocation

PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak