VYPR

Paperclipai

by Paperclip

npm: paperclipai

Source repositories

CVEs (2)

  • CVE-2026-41679CriApr 23, 2026
    risk 0.58cvss 10.0epss 0.02

    Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Prior to version 2026.416.0, an unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in `authenticated` mode with…

  • CVE-2026-41208HigApr 23, 2026
    risk 0.50cvss 8.8epss 0.01

    Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Versions of @paperclipai/server prior to 2026.416.0 contain a privilege escalation vulnerability that allows an attacker with an Agent API key to execute arbitrary OS commands on…