SafeBreach Labs documented a prompt injection attack hiding malicious commands inside WhatsApp, Slack, or SMS notifications. Gemini treats hostile text as trusted. Patched Nov 2025.
CVEs, exploits, and security flaws in AI frameworks, models, and infrastructure.
SafeBreach Labs documented a prompt injection attack hiding malicious commands inside WhatsApp, Slack, or SMS notifications. Gemini treats hostile text as trusted. Patched Nov 2025.
RAG pipelines introduce document poisoning, indirect prompt injection via retrieved content, and semantic access control gaps that most security teams have not assessed.
Threat actors embed prompt injection payloads in third-party LLM plugins and data sources to hijack AI agent actions, exfiltrate data, and pivot within enterprise environments.
CVE-2026-31204: an SSRF vulnerability in Ollama allows local-network attackers to read arbitrary files and reach internal services via the model pull endpoint. All versions affected.
A critical deserialization vulnerability (CVSS 9.8) in a widely-deployed ML model serving framework allows unauthenticated RCE via crafted model files. Active exploitation confirmed.