Lucene search
K

22 matches found

Packet Storm News
Packet Storm News
added 2026/05/28 12:0 a.m.11 views

AgentDoG 1.5: A Lightweight and Scalable Alignment Framework for AI Agent Safety and Security

Modern open-world agents such as OpenClaw exhibit powerful cross-environment execution capabilities yet introduce broad new safety risk sources. Meanwhile, advanced frontier AI models drastically lower attack barriers, rendering current agent alignment frameworks inadequate for real-world...

5.9AI score
Exploits0
OSV
OSV
added 2026/05/11 4:17 p.m.5 views

GHSA-WXXX-GVQV-XP7P LiteLLM has a sandbox escape in custom-code guardrail

Impact The POST /guardrails/testcustomcode endpoint runs user-supplied Python inside a hand-rolled sandbox. The sandbox can be escaped using bytecode-level techniques, allowing arbitrary code execution in the proxy process — which runs as root in the default Docker image. Reaching the endpoint...

8.8CVSS6.2AI score0.06496EPSS
Exploits2References5
Github Security Blog
Github Security Blog
added 2026/05/11 4:17 p.m.11 views

LiteLLM has a sandbox escape in custom-code guardrail

Impact The POST /guardrails/testcustomcode endpoint runs user-supplied Python inside a hand-rolled sandbox. The sandbox can be escaped using bytecode-level techniques, allowing arbitrary code execution in the proxy process — which runs as root in the default Docker image. Reaching the endpoint...

8.8CVSS6.2AI score0.06496EPSS
Exploits2References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 3:31 p.m.9 views

Duplicate Advisory: LiteLLM has a sandbox escape in custom-code guardrail

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wxxx-gvqv-xp7p. This link is maintained to preserve external references. Original Description LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the...

8.8CVSS6.2AI score0.06496EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2026/04/10 3:31 p.m.7 views

GHSA-3926-2JVF-FG29 Duplicate Advisory: LiteLLM has a sandbox escape in custom-code guardrail

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wxxx-gvqv-xp7p. This link is maintained to preserve external references. Original Description LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the...

8.8CVSS6.2AI score0.06496EPSS
Exploits2References2
The Hacker News
The Hacker News
added 2026/03/23 11:55 a.m.7 views

We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them

AWS Bedrock is Amazon's platform for building AI-powered applications. It gives developers access to foundation models and the tools to connect those models directly to enterprise data and systems. That connectivity is what makes it powerful – but it’s also what makes Bedrock a target. When an AI...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.10 views

ChainFuzzer: Greybox Fuzzing for Workflow-Level Multi-Tool Vulnerabilities in LLM Agents

Tool-augmented LLM agents increasingly rely on multi-step, multi-tool workflows to complete real tasks. This design expands the attack surface, because data produced by one tool can be persisted and later reused as input to another tool, enabling exploitable source-to-sink dataflows that only...

5.9AI score
Exploits0
Snyk
Snyk
added 2026/02/26 10:46 p.m.5 views

Improper Neutralization of Input Used for LLM Prompting

Overview @n8n/n8n-nodes-langchain is a Affected versions of this package are vulnerable to Improper Neutralization of Input Used for LLM Prompting via the Guardrail node. An attacker can modify workflow input to circumvent intended restrictions by crafting specific input values. Workaround This...

6.3CVSS5.9AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/02/26 10:46 p.m.6 views

n8n has a Guardrail Node Bypass

Impact An end user interacting with a workflow that uses the Guardrail node could craft an input that bypasses the default guardrail instructions. Patches The issue has been fixed in n8n version 2.10.0. Users should upgrade to this version or later to remediate the vulnerability. Workarounds If...

5.3AI score
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/26 10:46 p.m.4 views

GHSA-FVFV-PPW4-7H2W n8n has a Guardrail Node Bypass

Impact An end user interacting with a workflow that uses the Guardrail node could craft an input that bypasses the default guardrail instructions. Patches The issue has been fixed in n8n version 2.10.0. Users should upgrade to this version or later to remediate the vulnerability. Workarounds If...

6.3CVSS5.4AI score
Exploits0References4
Malwarebytes
Malwarebytes
added 2026/01/05 12:11 p.m.9 views

Grok apologizes for creating image of young girls in “sexualized attire”

Another AI system designed to be powerful and engaging ends up illustrating how guardrails routinely fail when development speed and feature races outrun safety controls. In a post on X, AI chatbot Grok confirmed that it generated an image of young girls in “sexualized attire.” The potential...

6.9AI score
Exploits0
HackRead
HackRead
added 2025/12/24 11:23 a.m.9 views

Eurostar Accused Researchers of Blackmail for Reporting AI Chatbot Flaws

Researchers discovered critical flaws in Eurostar’s AI chatbot including prompt injection, HTML injection, guardrail bypass, and unverified chat IDs - Eurostar later accused them of blackmail...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/06 12:0 a.m.6 views

Black-Box Guardrail Reverse-Engineering Attack

Large language models LLMs increasingly employ guardrails to enforce ethical, legal, and application-specific constraints on their outputs. While effective at mitigating harmful responses, these guardrails introduce a new class of vulnerabilities by exposing observable decision patterns. In this...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/19 12:0 a.m.4 views

BreakFun: Jailbreaking LLMs Via Schema Exploitation

The proficiency of Large Language Models LLMs in processing structured data and adhering to syntactic rules is a capability that drives their widespread adoption but also makes them paradoxically vulnerable. In this paper, we investigate this vulnerability through BreakFun, a jailbreak methodolog...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/16 12:0 a.m.5 views

Active Honeypot Guardrail System: Probing and Confirming Multi-Turn LLM Jailbreaks

Large language models LLMs are increasingly vulnerable to multi-turn jailbreak attacks, where adversaries iteratively elicit harmful behaviors that bypass single-turn safety filters. Existing defenses predominantly rely on passive rejection, which either fails against adaptive attackers or overly...

7.2AI score
Exploits0
Talos Blog
Talos Blog
added 2025/08/14 6:0 p.m.10 views

What happened in Vegas (that you actually want to know about)

Welcome to this week's edition of the Threat Source newsletter. Last week I flew 5,000 miles to Las Vegas for Black Hat USA. After navigating the casino carpet labyrinth and finding the only venue in Nevada that serves a proper English breakfast tea with milk lifesaver, I've decided Black Hat fee...

9.8CVSS7.3AI score0.09756EPSS
Exploits4
GithubExploit
GithubExploit
added 2025/08/10 6:56 a.m.133 views

Exploit for Incorrect Authorization in Sudo_Project Sudo

sudo CVE-2025 Toolkit Unified scanner, benign proof-of-...

9.3CVSS7AI score0.47467EPSS
Exploits77
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.5 views

OneShield -- the Next Generation of LLM Guardrails

The rise of Large Language Models has created a general excitement about the great potential for a myriad of applications. While LLMs offer many possibilities, questions about safety, privacy, and ethics have emerged, and all the key actors are working to address these issues with protective...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/17 12:0 a.m.4 views

PolyGuard: Massive Multi-Domain Safety Policy-Grounded Guardrail Dataset

Whitepaper called PolyGuard: Massive Multi-Domain Safety Policy-Grounded Guardrail Dataset...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/06 12:0 a.m.5 views

LlamaFirewall: an Open Source Guardrail System for Building Secure AI Agents

Large language models LLMs have evolved from simple chatbots into autonomous agents capable of performing complex tasks such as editing production code, orchestrating workflows, and taking higher-stakes actions based on untrusted inputs like webpages and emails. These capabilities introduce new...

7.7AI score
Exploits0
Rows per page
Query Builder