A newly disclosed critical flaw in ModelScope’s MS-Agent framework could let attackers execute arbitrary commands and gain full control of systems running the AI agent. Tracked as CVE-2026-2256 and assigned Vulnerability Note VU#431821, the issue stems from unsanitized shell command execution, allowing prompt-based attacks to escalate privileges on affected installations. The MS-Agent framework, widely used […] The post Critical MS-Agent Vulnerability Allows Attackers to Hijack AI Agents and Gain Full System Control appeared first on Cyber Security News.