CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2 days ago•5 views

EUVD-2026-37899

8.4CVSS5.6AI score

CVE•added 2 days ago•7 views

CVE-2026-46580

Theia before v1.71.0 loads files matching .prompts/*.prompttemplate from a workspace, allowing attacker-controlled content to override the AI agent’s system prompts (indirect prompt injection). This enables attack chains with untrusted workspaces, potentially causing data exfiltration via Markdow...

8.4CVSS5.7AI score

Positive Technologies•added 2 days ago•7 views

PT-2026-50808

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 1.5.115 Description An information disclosure issue exists in the MultiAgentLedger component. The system fails to enforce the uniqueness of agent IDs, allowing attackers to register agents with duplicate IDs. This...

7.1CVSS5.9AI score

Exploits0References6

Packet Storm News•added 2026/06/02 12:0 a.m.•8 views

Domain-Conditioned Safety in Frontier Computer-Using Agents: A 793-Episode Browser Benchmark, a Coding-Domain Cross-Reference, and a Reproducibility Audit of Recent Red-Teaming

Recent computer-using-agent CUA red-teaming papers report prompt-injection attack success rates ASR of 42-98%, but these headline numbers cluster on retired models and on the most-vulnerable model in each paper's panel. We ask whether those techniques, reproduced as hand-crafted templates, still...

5.5AI score

Exploits0

RedhatCVE•added 2026/05/19 1:58 a.m.•8 views

CVE-2026-45351

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a regular user non-admin logs into the application, a http://IP:8080/api/models? web request is initiated by the application and in response, it reveals the system prompt of...

Vulnrichment•added 2026/05/15 9:9 p.m.•5 views

CVE-2026-45351 Open WebUI: Exposure of System Prompt to Regular User [Non-Admin]

CVE•added 2026/05/15 9:9 p.m.•11 views

CVE-2026-45351

Open WebUI vulnerability CVE-2026-45351: A non-admin user could trigger a request to /api/models? and receive the system prompt of available models, revealing admin-set backend prompts and compromising confidentiality. This affects Open WebUI self-hosted offline AI platform versions prior to 0.8....

Exploits1References1Affected Software1

Cvelist•added 2026/05/15 9:9 p.m.•35 views

CVE-2026-45351 Open WebUI: Exposure of System Prompt to Regular User [Non-Admin]

6.5CVSS0.00281EPSS

CNNVD•added 2026/05/15 12:0 a.m.•8 views

Open WebUI 信息泄露漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.8.9 contained a vulnerability related to information leakage. This vulnerability occurred when non-administrator users logged in, causing the application to send...

Packet Storm News•added 2026/05/08 12:0 a.m.•15 views

Exploits1References2

SecureForge: Finding and Preventing Vulnerabilities in LLM-Generated Code Via Prompt Optimization

LLM coding agents now generate code at an unprecedented scale, yet LLM-generated code introduces cybersecurity vulnerabilities into codebases without human involvement. Even when frontier models are explicitly asked to write secure production code with relevant weaknesses to avoid in context, we...

5.8AI score

Exploits0

SUSE CVE•added 2026/05/05 1:48 a.m.•3 views

SUSE CVE-2026-7482

Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and size exceed the file's actual length; during quantization in fs/ggml/gguf.go and...

9.1CVSS5.8AI score0.00756EPSS

Exploits3References3

Packet Storm News•added 2026/04/14 12:0 a.m.•2 views

Honeypot Protocol

Trusted monitoring, the standard defense in AI control, is vulnerable to adaptive attacks, collusion, and strategic attack selection. All of these exploit the fact that monitoring is passive: it observes model behavior but never probes whether the model would behave differently under different...

5.8AI score

Exploits0

Positive Technologies•added 2026/03/10 12:0 a.m.•3 views

PT-2026-24209

Name of the Vulnerable Software and Affected Versions openclaw-core versions 0.3.x Description A critical deserialization issue exists in openclaw-core that allows arbitrary instruction injection through specially crafted system prompts. This affects all deployed instances. The issue requires...

5.9AI score

Exploits1References2

CNVD•added 2026/03/02 12:0 a.m.•2 views

OpenClaw Command Injection Vulnerability

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a command injection vulnerability that stems from improper cleanup of workspace paths when embedded in system prompts, which can be exploited by an attacker to cause command injection...

8.6CVSS5.8AI score0.00205EPSS

CNVD•added 2026/03/02 12:0 a.m.•1 views

OpenClaw Code Injection Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a code injection vulnerability. The vulnerability stems from the fact that channel metadata may be included in the model's system prompts when the Slack integration is enabled, increasing the attack...

3.7CVSS5.9AI score0.002EPSS

RedhatCVE•added 2026/02/20 1:22 a.m.•7 views

CVE-2026-24764

OpenClaw formerly Clawdbot is a personal AI assistant users run on their own devices. In versions 2026.2.2 and below, when the Slack integration is enabled, channel metadata topic/description can be incorporated into the model's system prompt. Prompt injection is a documented risk for LLM-driven...

3.7CVSS5.5AI score0.002EPSS