Aliasrobotics Cai vulnerabilities
2 known vulnerabilities affecting aliasrobotics/cai.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2026-25130P2CRITICALCVSS 9.6PoC≤ 0.5.102026-01-30
CVE-2026-25130 [CRITICAL] CWE-78 CVE-2026-25130: Cybersecurity AI (CAI) is a framework for AI Security. In versions up to and including 0.5.10, the C
Cybersecurity AI (CAI) is a framework for AI Security. In versions up to and including 0.5.10, the CAI (Cybersecurity AI) framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directly to shell commands via `subprocess.Popen()` with `shell=True`, allowing attackers to execute arbitrary
nvd
CVE-2025-67511P2CRITICALCVSS 9.6≤ 0.5.92025-12-11
CVE-2025-67511 [CRITICAL] CWE-77 CVE-2025-67511: Cybersecurity AI (CAI) is an open-source framework for building and deploying AI-powered offensive a
Cybersecurity AI (CAI) is an open-source framework for building and deploying AI-powered offensive and defensive automation. Versions 0.5.9 and below are vulnerable to Command Injection through the run_ssh_command_with_credentials() function, which is available to AI agents. Only password and command inputs are escaped in run_ssh_command_with_crede
nvd