CVE-2026-25130 – Cybersecurity AI vulnerable to command Injection through argument injection in find_file Agent tool

CVE ID : CVE-2026-25130

Published : Jan. 30, 2026, 8:15 p.m. | 55 minutes ago

Description : Cybersecurity AI (CAI) is a framework for AI Security. In versions up to and including 0.5.10, the CAI (Cybersecurity AI) framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directly to shell commands via `subprocess.Popen()` with `shell=True`, allowing attackers to execute arbitrary commands on the host system. The `find_file()` tool executes without requiring user approval because find is considered a “safe” pre-approved command. This means an attacker can achieve Remote Code Execution (RCE) by injecting malicious arguments (like -exec) into the args parameter, completely bypassing any human-in-the-loop safety mechanisms. Commit e22a1220f764e2d7cf9da6d6144926f53ca01cde contains a fix.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…