Skip to content

security-recipes.ai Quick Start

Overview
Threat Model
Emerging Patterns

Overview
Integrate an AI Agent
Visual Guide

Overview
GitHub Copilot
Devin
Cursor
Codex
Claude

Overview
Claude
GitHub Copilot
Cursor
Codex
Devin
General
Reputable Sources
CVE Recipes
Classic Vulnerable Defaults

Overview
Control Plane Blueprint
Agentic Threat Radar
Workflow Control Plane
MCP Gateway Policy
Connector Intake
MCP Connector Trust
Agentic Assurance Pack
Readiness Scorecard
Red-Team Drill Pack
Agent Identity Ledger
Context Poisoning Guard
Reviewer Playbook
Gatekeeping Patterns
Runtime Controls
Compliance & Audit

Automation Contribute

CTRL K

Quick Start
Fundamentals
Docs
Agents
Prompt Library
MCP Servers
Security Remediation
Automation
Contribute
More
Contribute

High

CVE-2026-39383 - Gotenberg webhook SSRF

May 2, 2026

CVE-2026-39858 - Traefik forwarded alias auth bypass

May 2, 2026

CVE-2026-42449 - n8n-mcp IPv4-mapped IPv6 SSRF

May 2, 2026

CVE-2026-42786 - Bandit WebSocket fragment reassembly DoS

May 2, 2026

CVE-2026-39804 - Bandit permessage-deflate decompression DoS

May 2, 2026

CVE-2026-7039 - ssh-mcp description command injection

May 2, 2026

GHSA-v4p8-mg3p-g94g - LiteLLM MCP stdio command execution

May 2, 2026

CVE-2026-40171 - Jupyter CommandLinker token theft

May 2, 2026

GHSA-rpm5/GHSA-x2qx - GitPython command injection

May 2, 2026

GHSA-rh99-wc69-c255 - Contrast CopyFile policy symlink subversion

May 3, 2026

CVE-2026-42461 - Arcane Compose template secret disclosure

May 2, 2026

GHSA-74m3 - zrok WebDAV DriveRoot symlink escape

May 2, 2026

CVE-2026-41485 - Kyverno forEach mutation panic DoS

May 3, 2026

CVE-2026-42349 - Clerk combined authorization bypass

May 3, 2026

© 2026 security-recipes.ai · An open, community-driven playbook for security engineering teams