ASR AI Security Radar
Methodology Recent Incidents Get Notified

Back to incidents

AI security incident: VU#458422: CASL Ability contains a prototype pollution vulnerability

Incident date: February 10, 2026 | Published: February 25, 2026 | Source: RSS advisory | Classification confidence: 94%

This incident is part of the public archive. AI-specific signals are limited in the current source material, so source citations should be reviewed closely during triage. Review methodology.

Overview A prototype pollution vulnerability present in CASL Ability versions 2.4.0 through 6.7.4 is triggered through the rulesToFields() function in the extra module. The program’s library contains a method called setByPath() that does not properly sanitize property names, allowing attackers to add or modify properties on an object’s prototype. Description The CASL library provides a robust suite for managing attribute-based access control across various components, services, and queries. Access control is defined with a set of rule conditions. The library provides a set of default values for these conditions.

Why This Is AI-Related

This advisory is part of the public incident archive, but the current source material uses limited explicit AI terminology, so the cited sources should be reviewed carefully when judging AI relevance and exposure.

  • Explicit AI-specific signals are limited in the current source material, so use the cited advisory to validate scope during triage.

Affected Workflow

Review the AI product, dependency, and integration points mentioned in the source advisory before broadening remediation.

Likely Attack Path

The advisory indicates a security path that can affect AI applications, assistants, models, or connected automation workflows if the component is deployed.

Impact

The advisory describes an availability or resource-exhaustion path that can disrupt AI-serving components and supporting automation. Severity HIGH. Classification confidence 94%. Source channel RSS.

Detection And Triage Signals

  • New security events tied to the affected component or advisory identifier
  • Changes in AI workflow behavior, access logs, or plugin execution after the advisory window
  • Evidence that the vulnerable version is active in environments that process sensitive data

Recommended Response

  • Identify inference endpoints, parsing jobs, or queues that rely on the affected component.
  • Apply vendor mitigations and add rate, size, or input controls to reduce exhaustion risk during triage.
  • Monitor latency, restart frequency, queue backlog, and saturation indicators for active disruption.

Compliance And Business Impact

Even when exploit details are still emerging, delayed triage can widen operational and compliance exposure around AI systems.

Sources

Want alerts like this in real time?

Get notified with incident context, likely impact, and response guidance.

Get Notified

More incidents