This archive includes all published incident pages. Page 16 of 18.
Each page is intended to help a security team answer three questions quickly: why the issue is AI-relevant, what part of the workflow may be exposed, and what actions should happen first.
Selection criteria and correction policy are documented in Methodology & Editorial Policy.
Incident date: February 10, 2026 | Published: February 25, 2026
Overview A prototype pollution vulnerability present in CASL Ability versions 2.4.0 through 6.7.4 is triggered through the rulesToFields() function in the extra module.
Incident date: February 5, 2026 | Published: February 14, 2026
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS vulnerability in ReadRSSFeedBlock.
Incident date: February 5, 2026 | Published: February 25, 2026
SmarterTools SmarterMail - SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method.
Incident date: January 26, 2026 | Published: February 25, 2026
SmarterTools SmarterMail - SmarterTools SmarterMail contains an authentication bypass using an alternate path or channel vulnerability in the password reset API.
Incident date: January 21, 2026 | Published: February 14, 2026
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Prior to version 0.15.
Incident date: January 20, 2026 | Published: February 25, 2026
Overview An out-of-bounds memory access vulnerability exists in the uncompressed decoder component of libheif .
Incident date: January 20, 2026 | Published: February 25, 2026
Overview The Open5GS WebUI component contains default hardcoded secrets used for security-sensitive operations, including JSON Web Token (JWT) signing.
Incident date: January 20, 2026 | Published: February 25, 2026
Overview A stack-based buffer overflow vulnerability exists in GNU libtasn1, a low-level ASN.1 parsing library. The issue is caused by unsafe string concatenation in the asn1_expand_octet_string function located in decoding.c .
Incident date: January 20, 2026 | Published: February 25, 2026
Overview Kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64, versions 10.5.75.0 and 11.11.4.0, allows for an unprivileged user to abuse an IOCTL path and terminate protected system processes.
Incident date: January 20, 2026 | Published: February 25, 2026
Overview A Server-Side Template Injection (SSTI) vulnerability exists in the Genshi template engine due to unsafe evaluation of template expressions.