VulnWatch AI Security Tracker

Articles

Daily digests summarizing the vulnerabilities and incidents tracked by VulnWatch.

Filtered by tag: prompt-injection

Apr 20, 2026 · 51 entries · weekly

Flowise Floods Critical RCEs; Agentic Frameworks Under Siege

This week saw an unprecedented cascade of critical vulnerabilities in Flowise, alongside severe agentic bypasses in Paperclip and Gemini CLI. Immediate patching is required for LLM orchestration layers.

Prompt Injection Remote Code Execution Data Leakage Auth Bypass SSRF Agentic / MCP