security

46 pieces of writing

security · 13 min read

OpenClaw's 470 advisories show unauthenticated RCE became a cloud AI platform pattern

OpenClaw's 470 advisories show how cloud AI platforms turn prompt handling, tool calls and host execution into an unauthenticated RCE pattern at scale.

security · 13 min read

Authentication bypass in 2026: access validation keeps failing before critical operations

security · 13 min read

PCPJack, polyfill CDN and Bright Data SDK show supply chain attacks moving into runtime weaponisation

security · 13 min read

CIFSwitch CVE-2026-46243 and PraisonAI show privilege escalation is an architectural antipattern

CIFSwitch CVE-2026-46243 and PraisonAI show why vertical movement often follows from designs that let low-trust identities shape high-trust operations.

security · 12 min read

Gogs, PraisonAI and KnowledgeDeliver show authentication bypass is a self-hosted platform design failure

MCP OAuth token persistence turns AI orchestration into a supply-chain trust boundary
security · 13 min read

security · 13 min read

May 2026 developer-tooling compromises: VS Code extensions, PyPI packages and GitHub Actions turned workstations into supply-chain targets

May 2026 supply-chain compromises showed that poisoned developer tooling now targets the identity and execution layer before code reaches a repository.

security · 11 min read

GitHub Actions OIDC and TanStack show why 2026 supply chain attacks target release authority

RAGFlow PR #14803 removed a CWE-502 pickle RCE footgun from deserialize_b64
vulnerability · 7 min read

getsentry/XcodeBuildMCP PR #289 hardens shell escaping in MCP tool execution
vulnerability · 9 min read

getsentry/XcodeBuildMCP accepted MCP tool parameters that could reach /bin/sh -c through unsafe double-quote escaping. PR #289 replaces that path with POSIX single-quote escaping and adds regression coverage.

Softeria ms-365-mcp-server PR #456 validates redirect_uri before Microsoft Entra forwarding
vulnerability · 7 min read

CodeGraphContext PR #882 rejects write Cypher on /api/graph
vulnerability · 7 min read

Tabby PR #11228 requires HTTPS for config sync after YAML profiles reached command execution
security · 7 min read

PR #11228 in Eugeny/tabby blocks cleartext config sync because a tampered YAML response could inject terminal profiles that later execute commands.

mcp-searxng PR #71 fixed a CWE-1333 ReDoS in section extraction
vulnerability · 7 min read

security · 14 min read

Checkmarx KICS, npm Bitwarden CLI and GlassWorm show developer trust is the supply chain target