CNNVD-202601-5038 Information

CNNVD ID

CNNVD-202601-5038

Related CVE

CVE-2026-25130

• CNNVD Published: 2026-01-30

Description (Chinese)

Cybersecurity AI是Alias Robotics开源的一个网络安全AI安全框架。 Cybersecurity AI 0.5.10及之前版本存在操作系统命令注入漏洞，该漏洞源于多个函数工具存在参数注入，可能导致远程代码执行。

Description (English)

Cybersecurity AI is an AI security framework for online security that is open to Alias Robotics. Cybersecurity AI 0.5.10 and previous versions have an operational system command-injection loophole, which results from the presence of parameters in multiple function tools, which may lead to remote code execution.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

Alias Robotics

Published

2026-01-30

Last Modified

2026-02-24

References

https://github.com/aliasrobotics/cai/blob/559de8fcbc2b44f3b0360f35ffdc2bb975e7d7e4/src/cai/tools/reconnaissance/filesystem.py#L60 https://github.com/aliasrobotics/cai/commit/e22a1220f764e2d7cf9da6d6144926f53ca01cde https://github.com/aliasrobotics/cai/security/advisories/GHSA-jfpc-wj3m-qw2m https://access.redhat.com/security/cve/cve-2026-25130