Indirect Prompt Injection Vulnerability in Nanobot Personal AI Assistant
CVE-2026-33654

8.9HIGH

Key Information:

Vendor: Hkuds
Status: Nanobot
Vendor: CVE Published:; 27 March 2026

What is CVE-2026-33654?

An indirect prompt injection vulnerability has been identified in the email processing module of Nanobot, a personal AI assistant. Before version 0.1.6, this vulnerability enables remote, unauthenticated attackers to execute arbitrary instructions via malicious emails. The bot automatically processes these emails as trusted input, bypassing security measures, and allowing for stealthy attacks without user interaction. Users are advised to upgrade to version 0.1.6 to mitigate this security risk.

Affected Version(s)

nanobot < 0.1.4.post6

References

https://github.com/HKUDS/nanobot/security/advisories/GHSA...

x_refsource_CONFIRM

CVSS V4

Score:

8.9

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 27, 2026
Vulnerability Reserved
Mar 23, 2026

CVE-2026-33654 Data

JSON

Hkuds

What is CVE-2026-33654?

Affected Version(s)

References

CVSS V4

Timeline