Ai-agents

This hub aggregates every CVE we track for Ai-agents, a product in the ai ml space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Ai-agents.

• CVE-2026-10617nextlevelbuilder GoClaw Webhook Verification auth.go resolveAuth missing authentication7.3Jun 2, 2026
• CVE-2026-10616nextlevelbuilder GoClaw Team Task Completion team_tasks_lifecycle.go TeamTasksTool.executeComplete authorization4.3Jun 2, 2026
• CVE-2026-10583nextlevelbuilder GoClaw TTS Configuration Endpoint tts_config.go import server-side request forgery4.7Jun 2, 2026
• CVE-2026-10291Enderfga claw-orchestrator Session Grep Endpoint embedded-server.ts validateRegex redos4.3Jun 1, 2026
• CVE-2026-10281Enderfga claw-orchestrator API Endpoint embedded-server.ts EmbeddedServer missing authentication7.3Jun 1, 2026
• CVE-2026-10219nextlevelbuilder GoClaw write_file Tool fsbridge.go FsBridge.WriteFile os command injection7.3Jun 1, 2026
• CVE-2026-10218nextlevelbuilder GoClaw evolution_handlers.go auth improper authorization5.4Jun 1, 2026
• CVE-2026-10217nextlevelbuilder GoClaw RoleAdmin Gateway tts_config.go handleSave privileges management6.3Jun 1, 2026
• CVE-2026-10216unitedbyai droidclaw claim Endpoint pairing.ts excessive authentication3.7Jun 1, 2026
• CVE-2026-9565haojing8312 WorkClaw Blacklist bash.rs is_dangerous os command injection6.3May 26, 2026
• CVE-2026-9453FoundDream miniclawd SkillsLoader skills-loader.ts which command injection7.3May 25, 2026
• CVE-2026-9452FoundDream miniclawd exec.ts ExecTool.execute os command injection7.3May 25, 2026
• CVE-2026-8634Crabbox < v0.12.0 Environment Variable Information Disclosure9.1May 14, 2026
• CVE-2026-8629Crabbox < v0.12.0 Privilege Escalation via Agent Ticket Endpoints8.1May 14, 2026
• CVE-2026-8621Crabbox < v0.12.0 Authentication Bypass via Header Spoofing8.8May 14, 2026