Critical AI Security Flaws in Amazon Bedrock, LangSmith, and SGLang Enable RCE and Data Exfiltration
Security researchers dropped a cluster of critical findings today that should be on every agentic AI team’s radar. Vulnerabilities disclosed on March 17, 2026 affect three widely-used components of modern AI pipelines: Amazon Bedrock AgentCore, LangSmith, and SGLang — with the SGLang flaws scoring a maximum-tier 9.8 CVSS and allowing unauthenticated remote code execution. If your production agentic pipeline touches any of these systems, read this now. Amazon Bedrock: DNS Exfiltration Despite “No Network Access” BeyondTrust researchers revealed that Amazon Bedrock AgentCore’s Code Interpreter sandbox — marketed as network-isolated — actually permits outbound DNS queries. That’s a critical gap between what “no network access” implies and what it delivers. ...