Lucene search
K

156 matches found

OSV
OSV
added 3 days ago6 views

PYSEC-2026-347 Guardrails AI contains a code injection vulnerability in its Hub package installation mechanism

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

9.8CVSS6.3AI score0.00635EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2026/06/10 10:27 a.m.19 views

Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar

Your pentest report looks clean. That might be the problem. Run automated pentesting long enough, and the new findings start to dry up. By the third or fourth run, fewer issues appear. The report looks stable. Leadership reads "stable" as "secure." It usually isn't. The work slows down. The risk...

5.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/07 12:43 a.m.11 views

CVE-2026-45758

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 8:17 p.m.13 views

CVE-2026-45758

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...

9.6CVSS0.00276EPSS
Exploits0References3
PyPA
PyPA
added 2026/06/05 8:17 p.m.7 views

PYSEC-0000-CVE-2026-45758

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/06/05 8:17 p.m.9 views

PYSEC-2026-206

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/05 8:17 p.m.9 views

PYSEC-2026-206

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/05 7:35 p.m.32 views

CVE-2026-45758 Malicious code in guardrails-ai 0.10.1 (supply chain compromise)

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...

9.6CVSS0.00276EPSS
Exploits0References3
CVE
CVE
added 2026/06/05 7:35 p.m.27 views

CVE-2026-45758

CVE-2026-45758 affects Guardrails AI (Python framework). A malicious PyPI release, guardrails-ai==0.10.1, was published on 2026-05-11. Security telemetry reports no observed requests to Guardrails AI infrastructure from 0.10.1 and no data exfiltration evidence, but affected users should act. The ...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/05 7:35 p.m.7 views

CVE-2026-45758 Malicious code in guardrails-ai 0.10.1 (supply chain compromise)

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/05 7:35 p.m.7 views

CVE-2026-45758

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/05 7:35 p.m.11 views

EUVD-2026-34912

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

Guardrails 安全漏洞

Guardrails is a Python framework open source by Guardrails AI. Version 0.10.1 of Guardrails contains a security vulnerability. This vulnerability stems from the release of a malicious version to PyPI, which may cause damage to user systems...

9.6CVSS5.3AI score0.00276EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/05/28 12:0 a.m.10 views

AgentDoG 1.5: A Lightweight and Scalable Alignment Framework for AI Agent Safety and Security

Modern open-world agents such as OpenClaw exhibit powerful cross-environment execution capabilities yet introduce broad new safety risk sources. Meanwhile, advanced frontier AI models drastically lower attack barriers, rendering current agent alignment frameworks inadequate for real-world...

5.9AI score
Exploits0
OSV
OSV
added 2026/05/22 1:45 p.m.10 views

MAL-2026-4677 Malicious code in swift-optimizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c54f35da6df5cef65715d49fb7942aff442ee9a0cb486862031e5009277db3a On npm install, [email protected] runs scripts/install-binary.js as a postinstall hook. The script is a hand-rolled JavaScript bytecode VM 123 KB...

5.9AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/21 12:0 a.m.10 views

Prompt Overflow: What the Guardrail Inspects Is Not What the Model Infers

Guardrail models a.k.a. safety checkers are widely deployed to screen user inputs before they reach large language models LLMs, serving as a primary defense against prompt injection attacks. Due to strict context constraints, these models handle overlength prompts through truncation or...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/19 3:40 p.m.6 views

GHSA-XMPW-2VMM-P4P6 Malicious code in guardrails-ai 0.10.1 (supply chain compromise)

Impact On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Affected: any user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026. Security researchers identified the malicious package within approximately 2 hours ...

9.6CVSS5.8AI score0.00276EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/05/19 3:40 p.m.15 views

Malicious code in guardrails-ai 0.10.1 (supply chain compromise)

Impact On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Affected: any user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026. Security researchers identified the malicious package within approximately 2 hours ...

9.6CVSS5.8AI score0.00276EPSS
Exploits0References6Affected Software1
GithubExploit
GithubExploit
added 2026/05/19 1:19 p.m.104 views

Exploit for Unprotected Alternate Channel in Litellm

CVE-2026-40217 — LiteLLM Guardrail Sandbox Escape LiteLLM...

8.8CVSS6AI score0.06496EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.15 views

PT-2026-41973

Name of the Vulnerable Software and Affected Versions guardrails-ai version 0.10.1 Description A malicious version of the Python framework was published to PyPI. The package was identified by security researchers and quarantined by PyPI within approximately two hours of publication. Telemetry and...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References15
Rows per page
Query Builder