19 matches found
Cybersecurity AI (CAI) Framework 0.5.10 - Command Injection
Exploit Title: Cybersecurity AI CAI Framework 0.5.10 - Command Injection CVE: CVE-2026-25130 Date: 2026-02-03 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Instagram: @banyamersecurity Author GitHub: https://github.com/yourusername Vendor Homepage:...
CVE-2026-25130
Cybersecurity AI CAI is a framework for AI Security. In versions up to and including 0.5.10, the CAI Cybersecurity AI framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directly to shell commands via subprocess.Popen with...
CVE-2026-25130
Cybersecurity AI CAI is a framework for AI Security. In versions up to and including 0.5.10, the CAI Cybersecurity AI framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directly to shell commands via subprocess.Popen with...
GHSA-JFPC-WJ3M-QW2M CAI find_file Agent Tool has Command Injection Vulnerability Through Argument Injection
Summary The CAI Cybersecurity AI framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directly to shell commands via subprocess.Popen with shell=True, allowing attackers to execute arbitrary commands on the host system. Vulnerable...
CVE-2026-25130
CVE-2026-25130 affects the Cybersecurity AI (CAI) framework up to version 0.5.10. The vulnerability is in the find_file() tool (src/cai/tools/reconnaissance/filesystem.py): user-controlled input is concatenated into a shell command using a plain f-string and run via shell=True, enabling argument ...
CVE-2026-25130 Cybersecurity AI vulnerable to command Injection through argument injection in find_file Agent tool
Cybersecurity AI CAI is a framework for AI Security. In versions up to and including 0.5.10, the CAI Cybersecurity AI framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directly to shell commands via subprocess.Popen with...
CVE-2026-25130 Cybersecurity AI vulnerable to command Injection through argument injection in find_file Agent tool
Cybersecurity AI CAI is a framework for AI Security. In versions up to and including 0.5.10, the CAI Cybersecurity AI framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directly to shell commands via subprocess.Popen with...
CVE-2026-25130
Cybersecurity AI CAI is a framework for AI Security. In versions up to and including 0.5.10, the CAI Cybersecurity AI framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directly to shell commands via subprocess.Popen with...
CVE-2026-25130 Cybersecurity AI vulnerable to command Injection through argument injection in find_file Agent tool
Cybersecurity AI CAI is a framework for AI Security. In versions up to and including 0.5.10, the CAI Cybersecurity AI framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directly to shell commands via subprocess.Popen with...
Cybersecurity AI operating system command injection vulnerabilities
Cybersecurity AI is an open-source network security AI framework developed by Alias Robotics. Versions of Cybersecurity AI prior to 0.5.10 contain a vulnerability related to operating system command injection. This vulnerability stems from parameter injections in multiple function tools, which ma...
PT-2026-5441
Name of the Vulnerable Software and Affected Versions Cybersecurity AI CAI versions up to and including 0.5.10 Description The Cybersecurity AI CAI framework contains multiple argument injection vulnerabilities within its function tools. User-controlled input is directly passed to shell commands...
Towards Cybersecurity Superintelligence: From AI-Guided Humans to Human-Guided AI
Cybersecurity superintelligence -- artificial intelligence exceeding the best human capability in both speed and strategic reasoning -- represents the next frontier in security. This paper documents the emergence of such capability through three major contributions that have pioneered the field o...
CVE-2025-67511
Cybersecurity AI CAI is an open-source framework for building and deploying AI-powered offensive and defensive automation. Versions 0.5.9 and below are vulnerable to Command Injection through the runsshcommandwithcredentials function, which is available to AI agents. Only password and command...
Cybersecurity AI 命令注入漏洞
Cybersecurity AI is an open source cybersecurity AI security framework from Alias Robotics. A command injection vulnerability exists in Cybersecurity AI version 0.5.9 and earlier, which stems from a command injection in the runsshcommandwithcredentials function that could lead to the execution of...
CVE-2025-67511 Cybersecurity AI (CAI) vulnerable to Command Injection in run_ssh_command_with_credentials Agent tool
Cybersecurity AI CAI is an open-source framework for building and deploying AI-powered offensive and defensive automation. Versions 0.5.9 and below are vulnerable to Command Injection through the runsshcommandwithcredentials function, which is available to AI agents. Only password and command...
EUVD-2025-202335
Cybersecurity AI CAI is an open-source framework for building and deploying AI-powered offensive and defensive automation. Versions 0.5.9 and below are vulnerable to Command Injection through the runsshcommandwithcredentials function, which is available to AI agents. Only password and command...
CVE-2025-67511 Cybersecurity AI (CAI) vulnerable to Command Injection in run_ssh_command_with_credentials Agent tool
Cybersecurity AI CAI is an open-source framework for building and deploying AI-powered offensive and defensive automation. Versions 0.5.9 and below are vulnerable to Command Injection through the runsshcommandwithcredentials function, which is available to AI agents. Only password and command...
Cybersecurity AI: The World's Top AI Agent for Security Capture-The-Flag (CTF)
Are Capture-the-Flag competitions obsolete? In 2025, Cybersecurity AI CAI systematically conquered some of the world's most prestigious hacking competitions, achieving Rank 1 at multiple events and consistently outperforming thousands of human teams. Across five major circuits-HTB's AI vs Humans,...
The Cybersecurity of a Humanoid Robot
The rapid advancement of humanoid robotics presents unprecedented cybersecurity challenges that existing theoretical frameworks fail to adequately address. This report presents a comprehensive security assessment of a production humanoid robot platform, bridging the gap between abstract security...