NewsGitLab AI Gateway CVE-2026-1868 CVSS 9.9 RCEGitLab Security Advisory·high signalHighest-CVSS AI agent platform vulnerability. Template injection in Duo Workflow enables RCE via agent flow definitions.SourceSource pageGitLab Security Advisory↳ Follow the threadStack layer / Threat patternOpenClaw ships broad July 6 platform update: GPT-5.6 support, external harness attach, hardened provider I/OReleasebotStack layer / Threat patternAWS open-sources Loom, an enterprise agent platform built on Strands Agents + Bedrock AgentCore RuntimeAWS Open Source BlogPolicy dependency / Stack layerIAPS warns on Kimi Claw: security and governance risks of Chinese-hosted 'always-on' AI agentsIAPSThreat pattern / ContrastMid-Session Tool Injection weaponized against WebMCP agents via threshold poisoning and fake diagnostic eventsAdversa AIStack layer / Update threadPACR-Video Enables Parameter-Efficient Multi-Shot Long-Video ExtrapolationarXivStack layer / ContrastOpenAI launches ChatGPT Work, an agentic workspace on GPT-5.6, with Sol/Luna/Terra model tiersInfoWorldStack layer / Threat patternSnyk's Evo Agentic Development Security Hit GA June 29 — an Enforcement Layer That Polices MCP Servers and Coding Agents at RuntimeSiliconANGLEStack layer / Threat patternCROSS-CATEGORY: Three Vendors in Three Unrelated Categories Shipped 'Agents That Supervise Other Agents' Inside Two WeeksVanta