AI Security
When Prompt Injection Becomes RCE: Inside CVE-2026-26030
A single prompt. One eval() call. Host RCE. Inside CVE-2026-26030 — the Semantic Kernel bypass that turned an AI agent into a remote code execution primitive.
AI Security
A single prompt. One eval() call. Host RCE. Inside CVE-2026-26030 — the Semantic Kernel bypass that turned an AI agent into a remote code execution primitive.
CVE Analysis
Two CVEs — an authenticated Cacti RCE and an unauthenticated Docker Desktop escape — chain into a full host compromise in about six commands. Anatomy of the kill chain.