module
Paperclip AI RCE using a chain of six API calls (CVE-2026-41679).
| Disclosed | Created |
|---|---|
| Apr 10, 2026 | Jun 12, 2026 |
Disclosed
Apr 10, 2026
Created
Jun 12, 2026
Description
Paperclip is the operating system for your AI company.
You set the goals, hire AI agents as employees, and watch them plan and execute work.
Prior to version 2026.410.0, Paperclip allows for an unauthenticated RCE, tracked as CVE-2026-41679.
An unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip
instance running in authenticated mode with default configuration. The entire chain is six API calls.
You set the goals, hire AI agents as employees, and watch them plan and execute work.
Prior to version 2026.410.0, Paperclip allows for an unauthenticated RCE, tracked as CVE-2026-41679.
An unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip
instance running in authenticated mode with default configuration. The entire chain is six API calls.
Authors
h00die-gr3y [email protected]
Sagilayani https://github.com/sagilayani
Sagilayani https://github.com/sagilayani
Platform
Linux,OSX,Unix
Architectures
cmd
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.