Cybersecurity Ai

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-67511 CRITICAL POC PATCH Act Now

A critical command injection vulnerability exists in the Cybersecurity AI (CAI) framework versions 0.5.9 and below, allowing attackers to execute arbitrary commands through unsanitized SSH parameters (username, host, port) in the run_ssh_command_with_credentials() function accessible to AI agents. The vulnerability has a publicly available proof-of-concept exploit and enables remote code execution with potential for complete system compromise, though real-world exploitation probability remains relatively low at 0.12% EPSS score despite the high CVSS rating of 9.6.

Command Injection Ssh AI / ML RCE Cybersecurity Ai
NVD GitHub VulDB
CVSS 3.1
9.6
EPSS
0.1%
CVE-2025-67511
EPSS 0% CVSS 9.6
CRITICAL POC PATCH Act Now

A critical command injection vulnerability exists in the Cybersecurity AI (CAI) framework versions 0.5.9 and below, allowing attackers to execute arbitrary commands through unsanitized SSH parameters (username, host, port) in the run_ssh_command_with_credentials() function accessible to AI agents. The vulnerability has a publicly available proof-of-concept exploit and enables remote code execution with potential for complete system compromise, though real-world exploitation probability remains relatively low at 0.12% EPSS score despite the high CVSS rating of 9.6.

Command Injection Ssh AI / ML +2
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy