CVE-2025-67511: Cybersecurity AI (CAI) vulnerable to Command Injection in run_ssh_command_with_credentials Agent tool
A command injection vulnerability is present in the function tool run_ssh_command_with_credentials() available to AI agents.
References
- github.com/advisories/GHSA-4c65-9gqf-4w8h
- github.com/aliasrobotics/cai
- github.com/aliasrobotics/cai/commit/09ccb6e0baccf56c40e6cb429c698750843a999c
- github.com/aliasrobotics/cai/security/advisories/GHSA-4c65-9gqf-4w8h
- nvd.nist.gov/vuln/detail/CVE-2025-67511
- www.hacktivesecurity.com/blog/2025/12/10/cve-2025-67511-tricking-a-security-ai-agent-into-pwning-itself