
Unauthenticated Remote Code Execution (RCE) on AI Infrastructure

A vulnerability class in AI-specific infrastructure (LLM inference servers, MCP servers, AI orchestration platforms) that lets a remote attacker with no credentials execute arbitrary code on the host. It is usually rated critical because the only precondition is network reach to the service. Typical root causes are unsafe deserialization of model artifacts or request bodies (for example Python pickle), code-evaluation features reachable on unauthenticated endpoints, and management APIs that ship with authentication disabled by default. Flaws of this kind have affected widely deployed open-source AI frameworks such as Langflow, vLLM, and LiteLLM.
Unauthenticated RCE on an AI platform gives the attacker the host's own position: access to the model servers and their GPUs, the API keys for commercial LLMs (OpenAI, Anthropic) that are commonly held in environment variables or config files, customer prompts and data passing through the service, and the ability to modify, backdoor, or exfiltrate deployed models. A single misconfigured instance exposed to the internet can compromise the entire AI pipeline and serve as a pivot into the rest of the environment. Practical checks: confirm that every inference and orchestration endpoint sits behind authentication and is not reachable from the internet, treat model files as code rather than data (prefer non-executable formats such as safetensors over pickle-based ones), and keep provider API keys out of the process environment of internet-facing services.
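The following is an added illustration, not code from this page or from any of the projects it names. It models the most common shape of this bug class: a model-loading handler that unpickles whatever the caller sends with no authentication, next to a hardened handler that checks a bearer token and never passes untrusted bytes to pickle. The endpoint behaviour, the token, the model allowlist and the error types are all hypothetical; the attacker payload only sets an environment variable so that it is harmless to run.

```python
"""Added example: unauthenticated pickle deserialization on an AI model-loading
endpoint, beside a hardened version. All names and values are hypothetical."""

import hmac
import json
import os
import pickle
import secrets

# --- Vulnerable handler ---------------------------------------------------

def vulnerable_load_model(body: bytes):
    """Unpickles the request body with no authentication.
    pickle.loads() reconstructs arbitrary objects, so whoever controls the
    bytes controls what runs during loading. The flaw is calling pickle on
    untrusted input at all, not a bug inside pickle."""
    return pickle.loads(body)


class MaliciousModel:
    """Attacker-side payload. __reduce__ makes pickle call exec() on an
    attacker-chosen string at load time. Here it only sets an environment
    variable; a real payload would call os.system or spawn a reverse shell."""
    def __reduce__(self):
        return (exec, ("import os; os.environ['RCE_DEMO'] = 'executed'",))


def attacker_payload() -> bytes:
    return pickle.dumps(MaliciousModel())

# --- Hardened handler -----------------------------------------------------

API_TOKEN = secrets.token_hex(16)                       # hypothetical per-deployment secret
MODEL_ALLOWLIST = {"llama-3-8b-instruct", "mistral-7b"}  # hypothetical model names
PICKLE_MAGIC = b"\x80"   # first byte of a protocol>=2 pickle; a quick filter, not the defence


class Unauthorized(Exception):
    pass


class Rejected(Exception):
    pass


def authenticate(headers: dict) -> None:
    """Bearer-token check using a constant-time comparison."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        raise Unauthorized("missing bearer token")
    if not hmac.compare_digest(auth[len("Bearer "):], API_TOKEN):
        raise Unauthorized("bad token")


def safe_load_model(headers: dict, body: bytes) -> dict:
    """Authenticate first, then accept only a JSON manifest naming an
    allow-listed model. The body is never handed to pickle; weights would be
    fetched server-side from a trusted store by name."""
    authenticate(headers)
    if body[:1] == PICKLE_MAGIC:
        raise Rejected("pickle payloads are not accepted")
    try:
        manifest = json.loads(body)
    except ValueError as exc:
        raise Rejected(f"body is not JSON: {exc}")
    name = manifest.get("model")
    if name not in MODEL_ALLOWLIST:
        raise Rejected(f"model {name!r} not in allowlist")
    return {"model": name, "status": "loaded"}

# --- Demonstration --------------------------------------------------------

def run_attack_against_vulnerable():
    """Returns the marker the payload wrote, proving code ran on the server."""
    os.environ.pop("RCE_DEMO", None)
    vulnerable_load_model(attacker_payload())
    return os.environ.get("RCE_DEMO")


def run_attack_against_hardened():
    """Returns the two refusals: no token, then a valid token with a pickle body."""
    os.environ.pop("RCE_DEMO", None)
    first = second = ""
    try:
        safe_load_model({}, attacker_payload())
    except Unauthorized as exc:
        first = f"unauthorized: {exc}"
    try:
        safe_load_model({"Authorization": f"Bearer {API_TOKEN}"}, attacker_payload())
    except Rejected as exc:
        second = f"rejected: {exc}"
    return first, second, os.environ.get("RCE_DEMO")


if __name__ == "__main__":
    print("vulnerable handler, marker set:", run_attack_against_vulnerable())
    print("hardened handler:", run_attack_against_hardened())
```

The magic-byte check only catches the default pickle protocols and is there as a cheap early rejection; the real control is that `safe_load_model` never calls `pickle.loads` and only ever loads a model by name from a trusted store. The same structure applies whether the untrusted input is an uploaded model file, a serialized request object, or a "validate this code" endpoint.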
References
OWASP: Injection Attacks