# cve

標記為「cve」的 13 篇文章

Agent Identity and Credential Theft

Exploiting how AI agents authenticate to external services -- credential theft through agent manipulation, MFA bypass, and impersonation attacks including BodySnatcher and CVE-2025-64106.

agentscredentialsidentityauthenticationmfa-bypasscve

進階

Case Study: LangChain CVE Analysis

Analysis of LangChain CVEs including CVE-2023-29374, CVE-2023-36258, and their root causes.

case-studieslangchaincveanalysis

中級

Case Study: LangChain Remote Code Execution Vulnerabilities (CVE-2023-29374 and CVE-2023-36258)

Technical analysis of critical remote code execution vulnerabilities in LangChain's LLMMathChain and PALChain components that allowed arbitrary Python execution through crafted LLM outputs.

case-studieslangchainrcecvesupply-chaincode-execution

進階

LangChain CVE Exploitation Lab

Reproduce and analyze LangChain CVEs including CVE-2023-29374 and CVE-2023-36258 in a safe lab environment.

labslangchaincveexploitationadvanced

進階

CVE Database for AI Systems

Curated database of CVEs affecting AI systems, frameworks, and deployment platforms.

referencescvedatabaseai-systems

中級

LangChain Exploit Chain Walkthrough

Walkthrough of chaining LangChain CVEs for remote code execution from prompt injection through to shell access.

walkthroughslangchainexploit-chaincve

進階

代理 Identity and Credential Theft

利用ing how AI agents authenticate to external services -- credential theft through agent manipulation, MFA bypass, and impersonation attacks including BodySnatcher and CVE-2025-64106.

agentscredentialsidentityauthenticationmfa-bypasscve

進階

用 AI 紅隊演練找 CVE：以研究為根基的指南

AI 紅隊演練技術如何在 SQLite、OpenSSL、Linux 核心與 UEFI 開機載入器中發現真實世界 CVE——附上背後研究的引用。

ai-securityred-teamingvulnerability-researchcve