113 matches found
When prompts become shells: RCE vulnerabilities in AI agent frameworks
In this article 1. A representative case study: Semantic Kernel 2. CVE-2026-26030: In-Memory Vector Store 3. CVE-2026-25592: Arbitrary file write through SessionsPythonPlugin 4. The vulnerability 5. Attack chain overview 6. Defending the agentic edge 7. Not bugs, but developed by design 8. CTF...
Improper Neutralization of Special Elements in Data Query Logic
Overview org.springframework.ai:spring-ai-weaviate-store is a package for building AI applications with Spring Boot. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter...
org.springframework.ai:spring-ai-starter-vector-store-milvus (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-milvus-store (>=1.1.0-M1 <=1.1.4)
org.springframework.ai:spring-ai-milvus-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321391...
io.github.vishalmysore:easyQServer (>=0.2.8.11.1 <=0.2.8.12.3), org.springframework.ai:spring-ai-mongodb-atlas-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) +1 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-mongodb-atlas-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-mongodb-atlas-store MAVEN version =1.0.0-M5, =0.2.8.11.1, =1.0.0-M5, =1.0.0, =1.0.5 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321392...
Improper Neutralization of Special Elements in Data Query Logic
Overview org.springframework.ai:spring-ai-couchbase-store is the Spring AI Couchbase Vector Store. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter underlying...
CVE-2026-20976
Improper input validation in Galaxy Store prior to version 4.6.02 allows a local attacker to execute arbitrary script...
CVE-2019-2870
Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are 12.1.6.1.23, 12.1.6.1.26, 12.1.6.1.29, 12.1.6.1.36, 12.1.6.2.23 and 12.1.6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Data...
CVE-2019-2869
Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are 12.1.6.1.23, 12.1.6.1.26, 12.1.6.1.29, 12.1.6.1.36, 12.1.6.2.23 and 12.1.6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Data...
CVE-2019-2868
Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are 12.1.6.1.23, 12.1.6.1.26, 12.1.6.1.29, 12.1.6.1.36, 12.1.6.2.23 and 12.1.6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Data...
PT-2026-1019
Name of the Vulnerable Software and Affected Versions code-projects Online Guitar Store version 1.0 Description A flaw exists in code-projects Online Guitar Store 1.0 that allows for SQL injection. This occurs through manipulation of the del pro argument within the /admin/Delete product.php file...
CampCodes Retro Basketball Shoes Online Store cross-site scripting vulnerability
CampCodes Retro Basketball Shoes Online Store is an online store for retro basketball shoes from CampCodes, Inc. A code injection vulnerability exists in CampCodes Retro Basketball Shoes Online Store version 1.0, which stems from improper handling of the parameter productname in the file...
CVE-2025-12338
A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. This vulnerability affects unknown code of the file /admin/adminproduct.ph. Manipulation of the argument pid can lead to SQL injection. The attack may be launched remotely. The exploit has been made...
EUVD-2025-36392
A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. This vulnerability affects unknown code of the file /admin/adminproduct.ph. Manipulation of the argument pid can lead to SQL injection. The attack may be launched remotely. The exploit has been made...
PT-2025-44067
Name of the Vulnerable Software and Affected Versions Campcodes Retro Basketball Shoes Online Store version 1.0 Description A security flaw exists in Campcodes Retro Basketball Shoes Online Store version 1.0. The issue affects an unknown part of the file /admin/admin feature.php. Manipulation of...
CVE-2025-62478
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Object Store. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit...
PT-2025-41742
Name of the Vulnerable Software and Affected Versions yousaf530 Inferno Online Clothing Store versions prior to 827dd42bfbe380e8de76fdc67958c24cf1246208 Description A SQL injection issue exists in yousaf530 Inferno Online Clothing Store. The issue is due to improper handling of user-supplied inpu...
EUVD-2020-24606
Malware in sbrugna...
EUVD-2019-12508
Malware in sbrugna...
EUVD-2015-4781
Malware in sbrugna...
EUVD-2017-12734
Malware in sbrugna...