Google DeepMind — AI Agent Traps Taxonomy Reveals Six Critical Vulnerability Classes 2026-04-01 Security
LangChain-ChatChat — RCE via MCP STDIO Server Configuration (CVE-2026-30617) 2026-04-01 Security / AI CVEs
nginx-ui — MCPwn: Unauthenticated MCP Endpoint Leads to Full Server Takeover (CVE-2026-33032) 2026-04-01 Security / AI CVEs
OpenClaw Claude Bridge — Sandbox bypass allows arbitrary tool execution in spawned subprocesses (CVE-2026-39398) 2026-04-01 Security
PraisonAI — Four critical vulnerabilities expose multi-agent AI systems to sandbox escape, RCE, and data exfiltration 2026-04-01 Security
PraisonAI — execute_code() vulnerability allows arbitrary Python code execution in multi-agent systems 2026-04-01 Security