VYPR

npm package

@paperclipai/server

pkg:npm/%40paperclipai/server

Vulnerabilities (2)

  • CVE-2026-41679CriApr 23, 2026
    affected < 2026.410.0fixed 2026.410.0

    Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Prior to version 2026.416.0, an unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in `authenticated` mode with de

  • CVE-2026-41208HigApr 23, 2026
    affected < 2026.416.0fixed 2026.416.0

    Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Versions of @paperclipai/server prior to 2026.416.0 contain a privilege escalation vulnerability that allows an attacker with an Agent API key to execute arbitrary OS commands on t