[un]prompted 2026 — Netflix Researchers on Source-to-Sink LLM Vulnerability Discovery 2026-05-02 Security / AI CVEs / Research
Anthropic — Claude Security Public Beta for Vulnerability Scanning 2026-05-01 Security / AI CVEs / Research
BufferZoneCorp — Poisoned Ruby Gems & Go Modules Target CI Pipelines 2026-05-01 Security / AI CVEs / Research
CISA & Five Eyes — Joint Guidance on Secure Agentic AI Deployment 2026-05-01 Security / AI CVEs / Research
IBM Langflow Desktop — CVE-2026-6543 Command Injection (CVSS 8.8) 2026-05-01 Security / AI CVEs / Research
Linux Kernel "Copy Fail" — 732-Byte Local Root Exploit Hits Every Major Distro Since 2017 (CVE-2026-31431) 2026-05-01 Security / AI CVEs / Research
n8n-mcp — SSRF Bypass via IPv4-Mapped IPv6 Addresses (CVE-2026-42349) 2026-05-01 Security / AI CVEs / Research
PyTorch Lightning — PyPI Package Compromised in Mini Shai-Hulud Supply Chain Attack 2026-05-01 Security / AI CVEs / Research
VentureBeat — Six Exploits Against AI Coding Agents, All Targeting Credentials 2026-05-01 Security / AI CVEs / Research
Cequence Security — Agent Personas for Scoped MCP Privileges 2026-04-30 Security / AI CVEs / Research
DSN 2026 — First Cross-Entity Security Study of the MCP Ecosystem 2026-04-30 Security / AI CVEs / Research
MCPTox — Tool Poisoning Benchmark Shows 73% Attack Success Rate on MCP Agents 2026-04-30 Security / AI CVEs / Research
TeamPCP Escalates Mini Shai-Hulud Campaign to SAP npm and PyTorch Lightning 2026-04-30 Security / AI CVEs / Research
Novee — Cursor IDE CVE-2026-26268: Git Hooks Enable RCE via AI Coding Agent 2026-04-30 Security / AI CVEs / Research
RAGShield — Numerical Claim Manipulation in RAG Systems Evades Embedding Defenses 2026-04-30 Security / AI CVEs / Research
SecureAuth — Agent Trust Registry Opens to the Public for AI Agent Governance 2026-04-30 Security / AI CVEs / Research
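The n8n-mcp entry above (SSRF bypass via IPv4-mapped IPv6 addresses, CVE-2026-42349) names a bypass class that is easy to reproduce and worth seeing in code. What follows is an added example, not code from n8n-mcp, from the advisory, or from any other project listed here, and it makes no claim about how that project's filter is actually written. It contrasts a denylist check that tests the address literal as parsed with one that unwraps an IPv4-mapped IPv6 literal (::ffff:a.b.c.d, also written ::ffff:XXXX:XXXX) to the embedded IPv4 address before applying policy. The denylist ranges, the function names and the sample URLs are constructed for this example.

```python
import ipaddress
from typing import Optional, Union
from urllib.parse import urlsplit

IPAddress = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]

# Illustrative denylist of loopback, private, link-local and "this network" ranges.
# This is an assumption made for the example; a real deployment derives its own.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10",
)]


def host_from_url(url: str) -> Optional[str]:
    # urlsplit strips the brackets from an IPv6 literal, so the host part of
    # "http://[::ffff:127.0.0.1]/" comes back as "::ffff:127.0.0.1".
    return urlsplit(url).hostname


def naive_is_blocked(host: str) -> bool:
    """Weak check: compares the literal exactly as parsed. An IPv4-mapped IPv6
    literal is an IPv6Address, so it is matched only against the IPv6 ranges and
    the IPv4 denylist never sees the embedded 127.0.0.1 / 169.254.x.x."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False  # not an IP literal; hostname resolution is out of scope here
    return any(addr in net for net in BLOCKED_NETWORKS if net.version == addr.version)


def canonical_address(host: str) -> Optional[IPAddress]:
    """Parse an IP literal and, if it is IPv4-mapped IPv6, return the embedded
    IPv4 address so every downstream policy check sees the real target."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return None
    if addr.version == 6 and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr


def hardened_is_blocked(host: str) -> bool:
    """Same denylist, applied to the canonical (unwrapped) address."""
    addr = canonical_address(host)
    if addr is None:
        return False
    return any(addr in net for net in BLOCKED_NETWORKS if net.version == addr.version)


def url_is_blocked(url: str, check=hardened_is_blocked) -> bool:
    """Extract the host from a URL and run it through the chosen checker."""
    host = host_from_url(url)
    return host is not None and check(host)


if __name__ == "__main__":
    # Constructed sample targets: a cloud metadata address wrapped as IPv4-mapped
    # IPv6, in both dotted and hex spellings, plus an ordinary public address.
    for url in (
        "http://[::ffff:169.254.169.254]/latest/meta-data/",
        "http://[::ffff:a9fe:a9fe]/latest/meta-data/",
        "http://[::ffff:127.0.0.1]:8080/admin",
        "http://203.0.113.7/",
    ):
        print(f"{url:50} naive={url_is_blocked(url, naive_is_blocked)!s:5} "
              f"hardened={url_is_blocked(url)}")
```

Two caveats a practitioner would add: first, the unwrap only covers the ::ffff:0:0/96 mapping; the deprecated IPv4-compatible form (::a.b.c.d), 6to4 (2002::/16) and Teredo embeddings each need their own handling if the outbound stack can reach them. Second, checking the literal in the URL is not enough when the host is a name: the policy has to be applied to the address the connection is actually made to, after resolution, or a DNS rebinding answer sidesteps the whole check.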