VulnWatch AI Security Tracker

Articles

Daily digests summarizing the vulnerabilities and incidents tracked by VulnWatch.

Apr 24, 2026 · 12 entries · daily · Subscribers only

VulnWatch Daily: Critical RCEs in Gemini CLI, Ray, and LiteLLM Proxy

Critical RCEs impact Gemini CLI and Ray pipelines. LiteLLM faces SQLi and SSTI. LangChain SSRF and Stripe webhook bypasses also featured. Immediate patching recommended for CI/CD and serving layers.

Prompt Injection Remote Code Execution SSRF
Apr 23, 2026 · 24 entries · daily · Subscribers only

VulnWatch Daily: Flowise Critical Swarm and Agentic RCE Risks

April 23, 2026: Critical RCE in Paperclip, 18+ CVEs in Flowise, and agentic consent bypasses demand immediate patching and network isolation.

Prompt Injection Remote Code Execution Auth Bypass SSRF Agentic / MCP
Apr 20, 2026 · 51 entries · weekly

Flowise Floods Critical RCEs; Agentic Frameworks Under Siege

This week saw an unprecedented cascade of critical vulnerabilities in Flowise, alongside severe agentic bypasses in Paperclip and Gemini CLI. Immediate patching is required for LLM orchestration layers.

Prompt Injection Remote Code Execution Data Leakage Auth Bypass SSRF Agentic / MCP