Lucene search
+L

188 matches found

Cvelist
Cvelist
added 2026/05/12 12:0 a.m.33 views

CVE-2026-31233

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

0.00635EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 12:0 a.m.22 views

CVE-2026-31233

CVE-2026-31233 affects Guardrails AI through version 0.6.7. The vulnerability resides in the Hub package installation mechanism: when installing validator packages, the system fetches a manifest from the Guardrails Hub and dynamically executes a script specified in the post_install field. The scr...

9.8CVSS6.3AI score0.00635EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Guardrails 安全漏洞

Guardrails is a Python framework open source by Guardrails AI. Versions of Guardrails 0.6.7 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the Hub package installation mechanism, which retrieved lists from the Guardrails Hub when installing the validationer...

9.8CVSS6AI score0.00635EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.23 views

PT-2026-40120

Name of the Vulnerable Software and Affected Versions Guardrails AI versions prior to 0.6.8 Description A code injection issue exists in the Hub package installation mechanism. When installing validator packages using the command guardrails hub install, the system retrieves a manifest from the...

9.8CVSS6.3AI score0.00635EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/11 4:17 p.m.11 views

EUVD-2026-21376

LiteLLM has a sandbox escape in custom-code guardrail...

8.8CVSS5.8AI score0.06496EPSS
Exploits2References4
EUVD
EUVD
added 2026/05/08 6:24 p.m.12 views

EUVD-2024-0951

phpseclib guardrails needed on OID length...

7.5CVSS7.1AI score0.00569EPSS
Exploits0References8
OSV
OSV
added 2026/05/08 6:24 p.m.5 views

GHSA-F2QX-66WF-WVVX phpseclib guardrails needed on OID length

Impact Any application using that loads untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. Patches https://github.com/phpseclib/phpseclib/commit/e32531001b4d62c66c3d824ccef54ffad835eb59 Workarounds No. Resources...

7.5CVSS5.8AI score0.00569EPSS
Exploits0References9
HackRead
HackRead
added 2026/05/08 1:36 p.m.10 views

ClaudeBleed Vulnerability Lets Hackers Hijack Claude Chrome Extension to Steal Data

The ClaudeBleed vulnerability allows hackers to bypass Claude for Chrome guardrails to exfiltrate private Google Drive and Gmail data...

5.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/05/06 5:57 p.m.12 views

phpseclib: guardrails needed on isPrime and randomPrime

Impact Anyone trying to generate a prime and testing the primality of a number. Patches https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575 Workarounds Using the GMP extension would probably help, assuming that one has its own guardrails. Resources...

7.5CVSS7.1AI score0.00601EPSS
Exploits0References11Affected Software1
EUVD
EUVD
added 2026/05/06 5:57 p.m.9 views

EUVD-2024-0936

phpseclib: guardrails needed on isPrime and randomPrime...

7.5CVSS5.8AI score0.00601EPSS
Exploits0References10
OSV
OSV
added 2026/05/06 5:57 p.m.5 views

GHSA-2528-JW5Q-WW88 phpseclib: guardrails needed on isPrime and randomPrime

Impact Anyone trying to generate a prime and testing the primality of a number. Patches https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575 Workarounds Using the GMP extension would probably help, assuming that one has its own guardrails. Resources...

8.7CVSS5.8AI score0.00601EPSS
Exploits0References11
Wiz blog
Wiz blog
added 2026/04/29 1:58 p.m.6 views

Wiz Code Week Recap: Securing AI Native Development

Providing Application Security teams with visibility and guardrails to secure agentic software development and the modern software supply chain...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.4 views

A Comparative Evaluation of AI Agent Security Guardrails

This report presents a comparative evaluation of DKnownAI Guard in AI agent security scenarios, benchmarked against three competing products: AWS Bedrock Guardrails, Azure Content Safety, and Lakera Guard. Using human annotation as the ground truth, we assess each guardrail's ability to detect tw...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.19 views

UNSEEN: A Cross-Stack LLM Unlearning Defense against AR-LLM Social Engineering Attacks

Emerging AR-LLM-based Social Engineering attack e.g., SEAR is at the edge of posing great threats to real-world social life. In such AR-LLM-SE attack, the attacker can leverage AR Augmented Reality glass to capture the image and vocal information of the target, using the LLM to identify the targe...

5.4AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/24 10:4 a.m.124 views

ai-security-poc

AI Security POC A fully containerised proof-of-concept for te...

5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/15 11:30 a.m.7 views

Deterministic + Agentic AI: The Architecture Exposure Validation Requires

Few technologies have moved from experimentation to boardroom mandate as quickly as AI. Across industries, leadership teams have embraced its broader potential, and boards, investors, and executives are already pushing organizations to adopt it across operational and security functions. Pentera’s...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/15 12:0 a.m.6 views

Challenges and Future Directions in Agentic Reverse Engineering Systems

Agentic systems built on large language models LLMs are increasingly being used for complex security tasks, including binary reverse engineering RE. Despite recent growth in popularity and capability, these systems continue to face limitations in realistic settings. Cutting-edge systems still fai...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/13 5:29 p.m.5 views

CVE-2026-40217

A flaw was found in LiteLLM. A remote attacker can exploit this flaw by performing bytecode rewriting at the /guardrails/testcustomcode URI. This could lead to arbitrary code execution, allowing the attacker to run malicious code on the affected system. Mitigation Mitigation for this issue is...

8.8CVSS6AI score0.06496EPSS
Exploits2References4
Snyk
Snyk
added 2026/04/10 1:43 p.m.6 views

Arbitrary Code Injection

Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Arbitrary Code Injection in the /guardrails/testcustomcode endpoint through bytecode rewriting. An attacker can execute arbitrary code by sending specially crafted requests...

8.8CVSS6.2AI score0.06496EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2026/04/10 1:43 p.m.9 views

CVE-2026-40217

LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the /guardrails/testcustomcode URI...

8.8CVSS6.2AI score0.06496EPSS
Exploits2References1
Rows per page
Query Builder