AI security Archives • Page 5 of 5 • Daily CyberSecurity

Critical Authentication Bypass Vulnerability Found in Milvus Proxy (CVE-2025-64513, CVSS 9.3) Milvus Auth Bypass, Vector Database Flaw

Critical Authentication Bypass Vulnerability Found in Milvus Proxy (CVE-2025-64513, CVSS 9.3)

Do Son November 12, 2025

Milvus, a leading open-source vector database that powers AI and large-scale search applications, has disclosed a critical...

Android CLI Android Security Zero-Interaction DoS CVE-2026-21385 Android Security Update UK CMA Apple Google regulation Google Aluminum OS Android 16 leak, ALOS Android ChromeOS merger Android sideloading certification 2026, Google developer verification APK Android AOSP biannual release, AOSP source code latency 2026 Android Zero-Day, Critical DoS Flaw Android Universal Clipboard Cross-Device Sync Gemini Nano Block, Unlocked Bootloader Android, Calling Cards Android Security Bulletin, RCE Vulnerability Android Linux GUI, Debian VM Android System Services, Google Transparency Android 16, Pixel Update

Gemini Nano Block: Google Locks On-Device AI Access for Smartphones with Unlocked Bootloaders

Do Son October 10, 2025

For certain advanced users and developers, unlocking the Android operating system on their smartphones is a common...

A Critical Flaw Is Exposing the AI Supply Chain to “Model Namespace Reuse” Attacks Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

A Critical Flaw Is Exposing the AI Supply Chain to “Model Namespace Reuse” Attacks

Do Son September 4, 2025

Researchers from Palo Alto Networks’ Unit 42 have disclosed a critical weakness in the AI supply chain...

REVENANT: The Experimental Framework That Infects AI Models and Evades Traditional Defenses Experimental attack framework, AI security

REVENANT: The Experimental Framework That Infects AI Models and Evades Traditional Defenses

Do Son August 18, 2025

In a new report, CYFIRMA has detailed an experimental attack framework called REVENANT, which demonstrates how adversaries...

Prompt Injection to Code Execution: Cursor Code Editor Hit by Critical MCP Vulnerabilities (CVE-2025-54135 & CVE-2025-54136) Cursor Vulnerability, MCP Security

Prompt Injection to Code Execution: Cursor Code Editor Hit by Critical MCP Vulnerabilities (CVE-2025-54135 & CVE-2025-54136)

Do Son August 4, 2025

Cursor, an AI-powered code editor that promises to “understand your codebase and help you code faster,” has...

IBM Unveils Industry-First Unified Platform for AI Governance & Security IBM AI Governance, AI Security

IBM Unveils Industry-First Unified Platform for AI Governance & Security

Do Son July 7, 2025

As generative AI becomes increasingly pervasive, enterprises deploying AI agents and automation must pursue not only operational...

Anthropic MCP Server Flaws: Path Traversal & Symlink Attacks Allow RCE Anthropic MCP, RCE Vulnerability

Anthropic MCP Server Flaws: Path Traversal & Symlink Attacks Allow RCE

Do Son July 4, 2025

Cymulate Research Labs has revealed Anthropic’s Filesystem MCP Server vulnerabilities. Two newly disclosed flaws—CVE-2025-53110 and CVE-2025-53109—exposes systems...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Critical RCE in MCP Inspector Exposes AI Devs to Web-Based Exploits (CVE-2025-49596)

Do Son July 1, 2025

A critical vulnerability—CVE-2025-49596—affected the AI developer ecosystem in June 2025, when Oligo Security Research disclosed a severe...

Trend Micro Fortifies AI Security: Integrates NVIDIA Agentic AI Safety for End-to-End Protection Trend Micro Apex One CVE-2025-71210 AI Security Trend Micro Deep Security - CVE-2024-48904 & CVE-2024-51503

Trend Micro Apex One CVE-2025-71210 AI Security Trend Micro Deep Security - CVE-2024-48904 & CVE-2024-51503

Trend Micro Fortifies AI Security: Integrates NVIDIA Agentic AI Safety for End-to-End Protection

Do Son June 17, 2025

As the adoption of generative AI accelerates across industries, enterprises are simultaneously raising their expectations for the...

CVE-2025-49596: Critical RCE Vulnerability in MCP Inspector Exposes AI Developer Environments MCP Inspector, RCE Vulnerability

CVE-2025-49596: Critical RCE Vulnerability in MCP Inspector Exposes AI Developer Environments

Do Son June 17, 2025

A newly disclosed security flaw in the MCP Inspector, a tool designed to test and debug Machine...

EchoLeak: First AI Zero-Click Vulnerability Leaks Data from Microsoft 365 Copilot AI Security, Data Exfiltration

EchoLeak: First AI Zero-Click Vulnerability Leaks Data from Microsoft 365 Copilot

Do Son June 13, 2025

In the age of artificial intelligence, a multitude of AI agents has emerged, yet their rapid proliferation...

Critical CVSS 9.8 RCE Flaw in vLLM Exposes AI Hosts to Remote Attacks vLLM Vulnerability CVE-2026-22778 vLLM Memory Corruption, AI Inference RCE CVE-2025-29783 CVE-2025-32444 vLLM vulnerability vLLM, Remote Code Execution

vLLM Vulnerability CVE-2026-22778 vLLM Memory Corruption, AI Inference RCE CVE-2025-29783 CVE-2025-32444 vLLM vulnerability vLLM, Remote Code Execution

Critical CVSS 9.8 RCE Flaw in vLLM Exposes AI Hosts to Remote Attacks

Do Son May 21, 2025

A critical vulnerability—CVE-2025-47277—has been disclosed in vLLM, a high-performance inference and serving engine for large language models...

Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248 CVE-2025-3248 Langflow Vulnerability Remote Code Execution

Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248

Do Son May 5, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-3248 to its Known Exploited Vulnerabilities...

NVIDIA Fixes High-Severity Vulnerability in TensorRT-LLM TensorRT-LLM, NVIDIA vulnerability

NVIDIA Fixes High-Severity Vulnerability in TensorRT-LLM

Do Son May 2, 2025

NVIDIA has released a security update for its TensorRT-LLM Framework, addressing a high-severity vulnerability that could expose...

AI Jailbreaks Expose Systemic Vulnerability in Generative AI Platforms AI Jailbreak Generative AI

AI Jailbreaks Expose Systemic Vulnerability in Generative AI Platforms

Do Son April 25, 2025

A newly disclosed vulnerability note from the CERT Coordination Center (CERT/CC) has shed light on two systemic...

NVIDIA NeMo Framework: High-Risk Vulnerabilities Allow Remote Code Execution NVIDIA NeMo Remote Code Execution

NVIDIA NeMo Framework: High-Risk Vulnerabilities Allow Remote Code Execution

Do Son April 24, 2025

NVIDIA has issued a security bulletin disclosing three high-severity vulnerabilities in its NeMo Framework, a scalable, cloud-native...

CVE-2024-0132: Incomplete NVIDIA Toolkit Patch Enables Container Escape and DoS Attacks NVIDIA DGX Cloud restructuring, Dwight Diercks engineering shift NVIDIA Isaac Launchable, Hard-coded Credentials NVIDIA Merlin Deserialization, AI Pipeline RCE Triton DoS Flaws, AI Inference Server Security NVIDIA AI programming AI Chips China 800VDC Data Center, AI Power Architecture CVE-2024-0114 NVIDIA Container Toolkit vulnerability Container escape

NVIDIA DGX Cloud restructuring, Dwight Diercks engineering shift NVIDIA Isaac Launchable, Hard-coded Credentials NVIDIA Merlin Deserialization, AI Pipeline RCE Triton DoS Flaws, AI Inference Server Security NVIDIA AI programming AI Chips China 800VDC Data Center, AI Power Architecture CVE-2024-0114 NVIDIA Container Toolkit vulnerability Container escape

CVE-2024-0132: Incomplete NVIDIA Toolkit Patch Enables Container Escape and DoS Attacks

Do Son April 13, 2025

A recent report by Trend Research has uncovered that NVIDIA’s September 2024 security update for a critical...

Tool Poisoning Attacks: Critical Vulnerability Discovered in Model Context Protocol (MCP) Tool Poisoning Attack MCP Vulnerability

Tool Poisoning Attacks: Critical Vulnerability Discovered in Model Context Protocol (MCP)

Do Son April 10, 2025

Invariant Labs has disclosed a critical vulnerability in the Model Context Protocol (MCP) that enables what they...

Google Launches Unified Security Powered by Gemini AI, Enhances Enterprise Protection Google Unified Security Gemini AI Security

Google Launches Unified Security Powered by Gemini AI, Enhances Enterprise Protection

Do Son April 9, 2025

Google has announced the launch of “Google Unified Security,” an integrated security solution powered by Gemini AI,...

Critical Alert