EUVD-2026-37802

Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK installpackages...

CVE-2026-12530

Improper neutralization of argument delimiters in the installpackages method in AWS Bedrock AgentCore Python SDK versions = 1.1.3 and 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name arguments. To mitigate thi...

CVE-2026-12530

The issue CVE-2026-12530 affects the AWS Bedrock AgentCore Python SDK install_packages() in versions >= 1.1.3 and

CVE-2026-2275

The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which can enable RCE through arbitrary C function calling...

Exposed Dangerous Method or Function

Overview crewai-tools is a Set of tools for the crewAI framework Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the CodeInterpreter tool that fallbacks to SandboxPython when Docker is unreachable. An attacker can execute arbitrary code by invoking...

CVE-2026-2275

The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which can enable RCE through arbitrary C function calling...

CVE-2026-2275

The CVE-2026-2275 issue affects CrewAI's CodeInterpreter Tool, which falls back to SandboxPython when Docker is unreachable. This fallback can enable Remote Code Execution (RCE) via arbitrary C function calls. The vulnerability is tied to the CodeInterpreter Tool’s insecure fallback behavior and ...

PT-2026-29048

Name of the Vulnerable Software and Affected Versions CrewAI versions affected versions not specified Description The CodeInterpreter tool within CrewAI reverts to SandboxPython when Docker is unreachable. This fallback can allow for Remote Code Execution RCE through the ability to call arbitrary...

CrewAI contains multiple vulnerabilities including SSRF, RCE and local file read

Overview Four vulnerabilities have been identified in CrewAI, including remote code execution RCE, arbitrary local file read, and server-side request forgery SSRF. CVE-2026-2275 is directly caused by the Code Interpreter Tool. The other three vulnerabilities result from improper default...

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence AI code execution environments using domain name system DNS queries. In a report published Monday, BeyondTrust revealed that Amazon Bedrock AgentCore Code Interpreter's...

Researchers Find Data Leak Risk in AWS Bedrock AI Code Interpreter

AWS Bedrock AI tool flaw allows data leaks via DNS queries in AgentCore Code Interpreter sandbox, exposing sensitive cloud data, researchers warn...

CIBER: A Comprehensive Benchmark for Security Evaluation of Code Interpreter Agents

LLM-based code interpreter agents are increasingly deployed in critical workflows, yet their robustness against risks introduced by their code execution capabilities remains underexplored. Existing benchmarks are limited to static datasets or simulated environments, failing to capture the securit...

Running in CIRCLE? A Simple Benchmark for LLM Code Interpreter Security

As large language models LLMs increasingly integrate native code interpreters, they enable powerful real-time execution capabilities, substantially expanding their utility. However, such integrations introduce potential system-level cybersecurity threats, fundamentally different from prompt-based...

When GPT Spills the Tea: Comprehensive Assessment of Knowledge File Leakage in GPTs

Knowledge files have been widely used in large language model LLM agents, such as GPTs, to improve response quality. However, concerns about the potential leakage of knowledge files have grown significantly. Existing studies demonstrate that adversarial prompts can induce GPTs to leak knowledge...

GPT Academic Command Injection Vulnerability

GPT Academic is an interface that provides pragmatic interactions for LLM grand language models such as GPT/GLM. GPT Academic suffers from a command injection vulnerability that stems from a security issue with the CodeInterpreter plugin, which can be exploited by an attacker to achieve Remote Co...

GPT Academic 代码注入漏洞

GPT Academic is an interface that provides pragmatic interactions for LLM grand language models such as GPT/GLM. GPT Academic suffers from a command injection vulnerability that stems from a security issue with the CodeInterpreter plugin, which can be exploited by an attacker to achieve Remote Co...

Fedora Update for mono FEDORA-2011-3393

Check for the Version of mono OpenVAS Vulnerability Test Fedora Update for mono FEDORA-2011-3393 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Fedora Update for mono FEDORA-2007-068

Check for the Version of mono OpenVAS Vulnerability Test Fedora Update for mono FEDORA-2007-068 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

[SECURITY] Fedora Core 6 Update: mono-1.1.17.1-4.fc6

The Mono runtime implements a JIT engine for the ECMA CLI virtual machine as well as a byte code interpreter, the class loader, the garbage collector, threading system and metadata access libraries...