The AISafe Blog

May 8, 2026

A single HTTP request with a crafted Content-Security-Policy header breaks out of an HTML attribute and injects script content into framework-generated <script> tags. Cached responses propagate the payload to every later visitor.

May 7, 2026

An authenticated OTel trace with maliciously crafted attribute key can enable cross-project trace exposure and remote code execution.

April 22, 2026

We independently discovered and chained two vulnerabilities in LiteLLM Proxy into unauthenticated RCE. Upgrade to v1.83.7-stable.

April 9, 2026

Paint HTML as visible text on a 360° image. PaddleOCR extracts it, the database stores it, and the panorama viewer hands it to innerHTML. Any user who opens the OCR overlay runs your JavaScript.

March 26, 2026

A single POST request can exhaust your server's memory. The vulnerable endpoint is registered by default, even if you don't use Server Islands.

March 16, 2026

How Claude Code or Codex won't secure your application, and why AISafe found 7 CVEs in a file hosting app where they couldn't.