ai

40 pieces of writing

OpenClaw's 470 advisories show unauthenticated RCE became a cloud AI platform pattern

security, 13 min read

OpenClaw's 470 advisories show how cloud AI platforms turn prompt handling, tool calls and host execution into an unauthenticated RCE pattern at scale.

CIFSwitch CVE-2026-46243 and PraisonAI show privilege escalation is an architectural antipattern

security, 13 min read

Gogs, PraisonAI and KnowledgeDeliver show authentication bypass is a self-hosted platform design failure

security, 12 min read

MCP OAuth token persistence turns AI orchestration into a supply-chain trust boundary

security, 13 min read

MCP-based AI orchestration moves OAuth tokens, access grants and memory persistence into the same execution path. Credential handling is now the weakest link in the AI supply chain.

GitHub Actions OIDC and TanStack show why 2026 supply chain attacks target release authority

security, 11 min read

maboloshi/github-chinese PR #692 fixed DOM XSS in translation results

vulnerability, 8 min read

RAGFlow PR #14803 removed a CWE-502 pickle RCE footgun from deserialize_b64

vulnerability, 7 min read

RAGFlow's deserialize_b64 helper fell back to bare pickle.loads whenever a safety flag was left unset, so untrusted base64 could reach an unrestricted unpickler. PR #14803 makes RestrictedUnpickler the only deserialization path.
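The vulnerable and hardened shapes described in this summary, as an added Python example (this is not RAGFlow's code; the allow-list contents, the function names and the constructed exploit payload are assumptions for illustration):

```python
import base64
import importlib
import io
import pickle

# Allow-list (an assumption for this example, not RAGFlow's list): the only
# module.name globals a pickle stream may resolve. Anything else, including
# os.system, subprocess.Popen or builtins.eval, is refused before it can run.
SAFE_GLOBALS = {
    "builtins": {"dict", "list", "set", "frozenset", "tuple", "str", "int",
                 "float", "bool", "bytes", "bytearray"},
    "collections": {"OrderedDict"},
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler whose find_class only resolves allow-listed module.name pairs."""

    def find_class(self, module, name):
        if name in SAFE_GLOBALS.get(module, ()):
            return getattr(importlib.import_module(module), name)
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def serialize_b64(obj) -> str:
    """Trusted side: pickle an object and base64-encode the bytes."""
    return base64.b64encode(pickle.dumps(obj)).decode("ascii")


def deserialize_b64_unsafe(data: str):
    """The 'before' shape: bare pickle.loads on bytes that may come from an
    attacker. Shown only for contrast; never call it on untrusted input."""
    return pickle.loads(base64.b64decode(data))


def deserialize_b64(data: str):
    """The 'after' shape: RestrictedUnpickler is the only path, no flag."""
    return RestrictedUnpickler(io.BytesIO(base64.b64decode(data))).load()


class _ExploitPayload:
    """Constructed sample CWE-502 payload: a bare unpickler would call
    os.system("echo pwned") while rebuilding this object."""

    def __reduce__(self):
        import os
        return (os.system, ("echo pwned",))


def is_rejected(data: str) -> bool:
    """True if the restricted path refuses the stream without executing it."""
    try:
        deserialize_b64(data)
    except pickle.UnpicklingError:
        return True
    return False


if __name__ == "__main__":
    benign = serialize_b64({"chunks": ["a", "b"], "score": 0.5})
    print(deserialize_b64(benign))
    malicious = serialize_b64(_ExploitPayload())
    print("rejected:", is_rejected(malicious))
```

The point of the hardened path is that find_class runs before the REDUCE opcode executes, so the exploit's global lookup fails and os.system is never invoked; a flag-gated fallback to pickle.loads would reintroduce the hole the moment the flag was unset.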

getsentry/XcodeBuildMCP PR #289 hardens shell escaping in MCP tool execution

vulnerability, 9 min read

AReaL PR #1323 refuses the default admin API key on network-facing proxy binds

vulnerability, 9 min read

Harbor PR #236 blocks CWE-78 in remote profile downloads

vulnerability, 7 min read

Harbor accepted remotely downloaded profile values that could later be expanded through eval, allowing command injection through a configuration import path. PR #236 adds validation before remote profiles are installed.

Softeria ms-365-mcp-server PR #456 validates redirect_uri before Microsoft Entra forwarding

vulnerability, 7 min read

CodeGraphContext PR #882 rejects write Cypher on /api/graph

vulnerability, 7 min read

Project NOMAD PR #823: a hardcoded HMAC secret was real, but the fix was incomplete

vulnerability, 9 min read

A threat model analysis of Project NOMAD PR #823, where a hardcoded benchmark HMAC secret was a valid CWE-798 finding but the maintainer was right that client-side relocation was not enough.

checkcle PR #224 moved PocketBase JWTs out of localStorage

vulnerability, 7 min read

mcp-searxng PR #71 fixed a CWE-1333 ReDoS in section extraction

vulnerability, 7 min read