CVE-2025-64318

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configuration Files.This issue affects Mulesoft Anypoint Code Builder: before 1.12.1...

CVE-2025-64320

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection.This issue affects Agentforce Vibes Extension: before 3.2.0...

Real-VulLLM: An LLM Based Assessment Framework in the Wild

Artificial Intelligence AI and more specifically Large Language Models LLMs have demonstrated exceptional progress in multiple areas including software engineering, however, their capability for vulnerability detection in the wild scenario and its corresponding reasoning remains underexplored...

Improper Neutralization of Input Used for LLM Prompting

Overview @modelcontextprotocol/server-slack is a MCP server for interacting with Slack Affected versions of this package are vulnerable to Improper Neutralization of Input Used for LLM Prompting via the automatic link unfurling process. An attacker can access sensitive information by manipulating...