Articles

Daily digests summarizing the vulnerabilities and incidents tracked by VulnWatch.

Filtered by tag: ssrf

Apr 30, 2026 · 8 entries · daily · Subscribers only

IBM Langflow Critical Cluster: RCE, Data Leaks, and SSRF Risks

Seven high-severity vulnerabilities impact IBM Langflow Desktop and OSS versions, enabling RCE and data theft. Immediate patching is required for AI orchestration layers.

SSRF
Apr 27, 2026 · 5 entries · daily · Subscribers only

VulnWatch Daily: SSRF Waves Hit AI Gateways and MCP Servers

Critical SSRF flaws plague NextChat and MCP studios while aider faces command injection risks. vllm stability also compromised.

Remote Code Execution SSRF
Apr 25, 2026 · 3 entries · daily · Subscribers only

VulnWatch Daily: Critical MCP & Agentic Vulnerabilities in OpenClaw and LiteLLM

New advisories highlight risks in agent gateway configurations and MCP stdio transports. OpenClaw and LiteLLM users must patch immediately to prevent config mutations and authenticated RCE.

SSRF Agentic / MCP
Apr 24, 2026 · 12 entries · daily · Subscribers only

VulnWatch Daily: Critical RCEs in Gemini CLI, Ray, and LiteLLM Proxy

Critical RCEs impact Gemini CLI and Ray pipelines. LiteLLM faces SQLi and SSTI. LangChain SSRF and Stripe webhook bypasses also featured. Immediate patching recommended for CI/CD and serving layers.

Prompt Injection Remote Code Execution SSRF
Apr 23, 2026 · 24 entries · daily · Subscribers only

VulnWatch Daily: Flowise Critical Swarm and Agentic RCE Risks

April 23, 2026: Critical RCE in Paperclip, 18+ CVEs in Flowise, and agentic consent bypasses demand immediate patching and network isolation.

Prompt Injection Remote Code Execution Auth Bypass SSRF Agentic / MCP
Apr 20, 2026 · 51 entries · weekly

Flowise Floods Critical RCEs; Agentic Frameworks Under Siege

This week saw an unprecedented cascade of critical vulnerabilities in Flowise, alongside severe agentic bypasses in Paperclip and Gemini CLI. Immediate patching is required for LLM orchestration layers.

Prompt Injection Remote Code Execution Data Leakage Auth Bypass SSRF Agentic / MCP

Articles

IBM Langflow Critical Cluster: RCE, Data Leaks, and SSRF Risks

VulnWatch Daily: SSRF Waves Hit AI Gateways and MCP Servers

VulnWatch Daily: Critical MCP & Agentic Vulnerabilities in OpenClaw and LiteLLM

VulnWatch Daily: Critical RCEs in Gemini CLI, Ray, and LiteLLM Proxy

VulnWatch Daily: Flowise Critical Swarm and Agentic RCE Risks

Flowise Floods Critical RCEs; Agentic Frameworks Under Siege