52 matches found

Tenable Nessus
added 2026/02/23 12:0 a.m. | 10 views

OpenClaw < 2026.2.3 Prompt Injection (GHSA-782p-5fr5-7fj8)

The version of the OpenClaw AI assistant installed on the remote host is prior to 2026.2.3. It is, therefore, affected by a prompt injection vulnerability:

- When the Slack integration is enabled, channel metadata (topic/description) can be incorporated into the model's system prompt, allowing...

CVSS 3.7 | AI score 6 | EPSS 0.002
Exploits: 1 | References: 2

NVD
added 2026/02/19 7:17 a.m. | 6 views

CVE-2026-24764

OpenClaw (formerly Clawdbot) is a personal AI assistant users run on their own devices. In versions 2026.2.2 and below, when the Slack integration is enabled, channel metadata (topic/description) can be incorporated into the model's system prompt. Prompt injection is a documented risk for LLM-driven...

CVSS 3.7 | EPSS 0.002
Exploits: 1 | References: 3

Cvelist
added 2026/02/19 1:10 a.m. | 22 views

CVE-2026-24764 OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions

OpenClaw (formerly Clawdbot) is a personal AI assistant users run on their own devices. In versions 2026.2.2 and below, when the Slack integration is enabled, channel metadata (topic/description) can be incorporated into the model's system prompt. Prompt injection is a documented risk for LLM-driven...

CVSS 3.7 | EPSS 0.002
Exploits: 1 | References: 3

Vulnrichment
added 2026/02/19 1:10 a.m. | 2 views

CVE-2026-24764 OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions

OpenClaw (formerly Clawdbot) is a personal AI assistant users run on their own devices. In versions 2026.2.2 and below, when the Slack integration is enabled, channel metadata (topic/description) can be incorporated into the model's system prompt. Prompt injection is a documented risk for LLM-driven...

CVSS 3.7 | AI score 5.5 | EPSS 0.002
Exploits: 1 | References: 3

OSV
added 2026/02/19 1:10 a.m. | 5 views

CVE-2026-24764 OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions

OpenClaw (formerly Clawdbot) is a personal AI assistant users run on their own devices. In versions 2026.2.2 and below, when the Slack integration is enabled, channel metadata (topic/description) can be incorporated into the model's system prompt. Prompt injection is a documented risk for LLM-driven...

CVSS 3.7 | AI score 5.5 | EPSS 0.002
Exploits: 1 | References: 5

OSV
added 2026/02/17 6:40 p.m. | 5 views

GHSA-782P-5FR5-7FJ8 OpenClaw Affected by Remote Code Execution via System Prompt Injection in Slack Channel Descriptions

Summary: When the Slack integration is enabled, Slack channel metadata (topic/description) could be incorporated into the model's system prompt. Impact: Prompt injection is a documented risk for LLM-driven systems. This issue increased the injection surface by allowing untrusted Slack channel metadat...

CVSS 3.7 | AI score 5.7 | EPSS 0.002
Exploits: 1 | References: 5

Github Security Blog
added 2026/02/17 6:40 p.m. | 8 views

OpenClaw Affected by Remote Code Execution via System Prompt Injection in Slack Channel Descriptions

Summary: When the Slack integration is enabled, Slack channel metadata (topic/description) could be incorporated into the model's system prompt. Impact: Prompt injection is a documented risk for LLM-driven systems. This issue increased the injection surface by allowing untrusted Slack channel metadat...

CVSS 3.7 | AI score 5.7 | EPSS 0.002
Exploits: 1 | References: 5 | Affected Software: 1

Positive Technologies
added 2026/02/17 12:0 a.m. | 7 views

PT-2026-20318

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.3. Description: OpenClaw is a personal AI assistant. When the Slack integration is enabled, Slack channel metadata (topic/description) can be incorporated into the model's system prompt. This increases the injecti...

CVSS 3.7 | AI score 5.6 | EPSS 0.002
Exploits: 1 | References: 10

CERT
added 2026/01/16 12:0 a.m. | 9 views

The Librarian does not secure its interface, allowing for access to internal system data

Overview: Multiple vulnerabilities were discovered in The Librarian, an AI-powered personal assistant tool provided by the company TheLibrarian.io. The Librarian can be used to manage personal email, calendar, documents, and other information through external services, such as Gmail and Google...

CVSS 7.5 | AI score 6.2 | EPSS 0.00373
Exploits: 0 | References: 2

Packet Storm News
added 2025/11/19 12:0 a.m. | 23 views

Securing AI Agents against Prompt Injection Attacks

Retrieval-augmented generation (RAG) systems have become widely used for enhancing large language model capabilities, but they introduce significant security vulnerabilities through prompt injection attacks. We present a comprehensive benchmark for evaluating prompt injection risks in RAG-enabled A...

AI score 7.3
Exploits: 0

HackRead
added 2025/11/12 9:23 p.m. | 3 views

Mindgard Finds Sora 2 Vulnerability Leaking Hidden System Prompt via Audio

AI security firm Mindgard discovered a flaw in OpenAI's Sora 2 model, forcing the video generator to leak…

AI score 7
Exploits: 0

EUVD
added 2025/10/14 12:23 p.m. | 4 views

EUVD-2025-34183

A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (MSI) repair functionality, installed with FTLinx. Authenticated attackers with valid Windows Users credentials can initiate a repair and hijack the resulting console window for vbpinstall.exe. This...

CVSS 8.5 | AI score 6.3 | EPSS 0.00166
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-25780

Malicious code in bioql PyPI...

CVSS 4.8 | AI score 6.6 | EPSS 0.00119
Exploits: 0 | References: 2

Packet Storm News
added 2025/09/29 12:0 a.m. | 4 views

SecInfer: Preventing Prompt Injection Via Inference-Time Scaling

Prompt injection attacks pose a pervasive threat to the security of Large Language Models (LLMs). State-of-the-art prevention-based defenses typically rely on fine-tuning an LLM to enhance its security, but they achieve limited effectiveness against strong attacks. In this work, we propose...

AI score 7.1
Exploits: 0

RedhatCVE
added 2025/09/18 10:33 a.m. | 7 views

CVE-2025-10015

The Sparkle framework includes an XPC service, Downloader.xpc; by default this service is private to the application it's bundled with. A local unprivileged attacker can register this XPC service globally which will inherit TCC permissions of the application. Lack of validation of connecting client...

CVSS 4.8 | AI score 6.4 | EPSS 0.00129
Exploits: 0 | References: 1

Cvelist
added 2025/09/16 10:3 a.m. | 9 views

CVE-2025-10015 TCC Bypass via Downloader XPC Service in Sparkle

The Sparkle framework includes an XPC service, Downloader.xpc; by default this service is private to the application it's bundled with. A local unprivileged attacker can register this XPC service globally which will inherit TCC permissions of the application. Lack of validation of connecting client...

CVSS 4.8 | EPSS 0.00129
Exploits: 0 | References: 3

Packet Storm News
added 2025/08/04 12:0 a.m. | 4 views

Large Reasoning Models Are Autonomous Jailbreak Agents

Jailbreaking -- bypassing built-in safety mechanisms in AI models -- has traditionally required complex technical procedures or specialized human expertise. In this study, we show that the persuasive capabilities of large reasoning models (LRMs) simplify and scale jailbreaking, converting it into a...

AI score 7.1
Exploits: 0

Packet Storm News
added 2025/07/21 12:0 a.m. | 3 views

TelegAI Cross Site Scripting

TelegAI, a web application for constructing and chatting with AI Characters, is vulnerable to persistent cross site scripting vulnerabilities in its chat component and character container component. An attacker can achieve arbitrary client-side script execution by crafting an AI Character with SV...

CVSS 6.1 | AI score 6 | EPSS 0.00281
Exploits: 2

GithubExploit
added 2025/07/19 9:15 a.m. | 93 views

Exploit for CVE-2025-51860

CVE-2025-51860. Vulnerability description: TelegAI, a web...

CVSS 6.1 | AI score 8.2 | EPSS 0.00281
Exploits: 2

GithubExploit
added 2025/07/19 9:3 a.m. | 86 views

Exploit for CVE-2025-51859

CVE-2025-51859. Vulnerability description: Chaindesk, a w...

CVSS 6.5 | AI score 8.3 | EPSS 0.00435
Exploits: 1