
Microsoft Secure
added 2 days ago, 4 views

Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us

In this article: 1. Why the Taxonomy Needed Updating; 2. Seven new failure modes; 3. Operational findings: What red teaming showed; 4. New mitigations; 5. What to do this quarter. When the Microsoft AI Red Team published the Taxonomy of Failure Modes in Agentic AI Systems in April 2025, the goal was a...

CVSS 8.8, AI score 7.2, EPSS 0.00121
Exploits 5
Packet Storm News
added 2 days ago, 2 views

Membrane: A Self-Evolving Contrastive Safety Memory for LLM Agent Defense

Despite advances in safety alignment, large language models remain vulnerable to continuously evolving jailbreaks. Existing fine-tuned safety classifiers cannot adapt to these evolving attacks, while adaptive memory-based guardrails tend to over-refuse benign queries that resemble stored attacks...

AI score 5.5
Exploits 0
Packet Storm News
added 4 days ago, 2 views

From Untrusted Input to Trusted Memory: A Systematic Study of Memory Poisoning Attacks in LLM Agents

Memory is a core component of AI agents, enabling them to accumulate knowledge across interactions and improve performance. However, persistent memory introduces the risk of memory poisoning, where a single adversarial memory write can exert long-term influence over agent behavior. We present a...

AI score 5.8
Exploits 0
Packet Storm News
added 2026/05/28 12:00 a.m., 8 views

Hijacking Agent Memory: Stealthy Trojan Attacks through Conversational Interaction

Large language model (LLM) agents increasingly leverage long-term memory to support persistent and autonomous task execution. However, this capability also introduces a new attack surface: memory poisoning, where adversaries can inject malicious information to influence future behavior. Existing...

AI score 5.8
Exploits 0
Packet Storm News
added 2026/05/24 12:00 a.m., 6 views

MemMorph: Tool Hijacking in LLM Agents Via Memory Poisoning

LLM-driven agents are capable of selecting external tools to complete users' tasks. However, attackers could compromise such a process, steering agents toward inappropriate or wrong tools and enabling malicious actions. Most existing attacks primarily manipulate the tool metadata, which is easily...

AI score 5.7
Exploits 0
Packet Storm News
added 2026/05/14 12:00 a.m., 3 views

Hidden in Memory: Sleeper Memory Poisoning in LLM Agents

Large language models are increasingly augmented with persistent memory, allowing assistants to store user-specific information across sessions for personalization and continuity. This statefulness introduces a new security risk: adversarial content can corrupt what an assistant remembers and...

AI score 5.8
Exploits 0
OSV
added 2026/05/12 12:32 p.m., 3 views

GHSA-5852-PHMH-8FHR Spring AI: Prompt Injection via Memory Poisoning in PromptChatMemoryAdvisor

A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns...

CVSS 8.2, AI score 5.7, EPSS 0.00042
Exploits 0, References 3
Github Security Blog
added 2026/05/12 12:32 p.m., 8 views

Spring AI: Prompt Injection via Memory Poisoning in PromptChatMemoryAdvisor

A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns...

CVSS 8.2, AI score 5.7, EPSS 0.00042
Exploits 0, References 3, Affected Software 1
Vulnrichment
added 2026/05/12 10:17 a.m., 3 views

CVE-2026-41713 Prompt Injection via Memory Poisoning in PromptChatMemoryAdvisor

A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns...

CVSS 8.2, AI score 5.7, EPSS 0.00042
Exploits 0, References 2
Cvelist
added 2026/05/12 10:17 a.m., 43 views

CVE-2026-41713 Prompt Injection via Memory Poisoning in PromptChatMemoryAdvisor

A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns...

CVSS 8.2, EPSS 0.00042
Exploits 0, References 2
CVE
added 2026/05/12 10:17 a.m., 12 views

CVE-2026-41713

CVE-2026-41713 describes a prompt-injection style vulnerability in the PromptChatMemoryAdvisor where user-supplied input is stored in conversation memory and later interpreted by the model in an unintended way. Affected functionality is the advisor component that relies on memory of prior turns; ...

CVSS 8.2, AI score 5.7, EPSS 0.00042
Exploits 0, References 2, Affected Software 1
Positive Technologies
added 2026/05/06 12:00 a.m., 5 views

PT-2026-37576

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A use-after-free issue exists in the Linux kernel within the drm/atmel-hlcdc component. The atmel_hlcdc_plane_atomic_duplicate_state callback copies the atmel_hlcdc_plane_state structure...

CVSS 7.8, AI score 5.4, EPSS 0.00013
Exploits 0, References 18
Tenable Nessus
added 2026/04/21 12:00 a.m., 3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013067)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013067 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory. When I did memory failure...

CVSS 7.1, AI score 5.6, EPSS 0.00022
Exploits 0, References 4
Packet Storm News
added 2026/04/02 12:00 a.m., 1 view

Poison Once, Exploit Forever: Environment-Injected Memory Poisoning Attacks on Web Agents

Memory makes LLM-based web agents personalized, powerful, yet exploitable. By storing past interactions to personalize future tasks, agents inadvertently create a persistent attack surface that spans websites and sessions. While existing security research on memory assumes attackers can directly...

AI score 5.8
Exploits 0
Amazon
added 2026/03/27 12:00 a.m., 6 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix null-deref in agg_dequeue (CVE-2025-40083). In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak of qgroup_list in btrfs_add_qgroup_relation (CVE-2025-40209). In t...

AI score 6.4, EPSS 0.0009
Exploits 0
Packet Storm News
added 2026/03/20 12:00 a.m., 1 view

Memory Poisoning and Secure Multi-Agent Systems

Memory poisoning attacks for Agentic AI and multi-agent systems (MAS) have recently caught attention. It is partially due to the fact that Large Language Models (LLMs) facilitate the construction and deployment of agents. Different memory systems are being used nowadays in this context, including...

AI score 5.9
Exploits 0
Packet Storm News
added 2026/03/19 12:00 a.m., 2 views

A Framework for Formalizing LLM Agent Security

Security in LLM agents is inherently contextual. For example, the same action taken by an agent may represent legitimate behavior or a security violation depending on whose instruction led to the action, what objective is being pursued, and whether the action serves that objective. However,...

AI score 5.9
Exploits 0
Packet Storm News
added 2026/03/12 12:00 a.m., 8 views

Taming OpenClaw: Security Analysis and Mitigation of Autonomous LLM Agent Threats

Autonomous Large Language Model (LLM) agents, exemplified by OpenClaw, demonstrate remarkable capabilities in executing complex, long-horizon tasks. However, their tightly coupled instant-messaging interaction paradigm and high-privilege execution capabilities substantially expand the system attack...

AI score 6
Exploits 0
Packet Storm News
added 2026/02/23 12:00 a.m., 2 views

Agentic AI As a Cybersecurity Attack Surface: Threats, Exploits, and Defenses in Runtime Supply Chains

Agentic systems built on large language models (LLMs) extend beyond text generation to autonomously retrieve information and invoke tools. This runtime execution model shifts the attack surface from build-time artifacts to inference-time dependencies, exposing agents to manipulation through untrust...

AI score 6
Exploits 0
Packet Storm News
added 2026/02/23 12:00 a.m., 1 view

CIBER: A Comprehensive Benchmark for Security Evaluation of Code Interpreter Agents

LLM-based code interpreter agents are increasingly deployed in critical workflows, yet their robustness against risks introduced by their code execution capabilities remains underexplored. Existing benchmarks are limited to static datasets or simulated environments, failing to capture the securit...

AI score 6.4
Exploits 0