Critical (10.0)

Paperclip unauthenticated remote code execution (CVE-2026-41679)

Unauthenticated attackers gain complete server control via chained API calls in the Paperclip AI agent platform. Update to version 2026.416.0 immediately to block RCE exploits.

Affected: Paperclip Paperclipai Paperclip Paperclipai/server

Patch now: CVE-2026-41679 is a critical unauthenticated remote code execution vulnerability in the Paperclip AI agent orchestration platform, affecting versions prior to 2026.416.0, that grants attackers complete server control through chained API calls. Update immediately to version 2026.416.0 to block this actively weaponized exploit.

Overview

A critical vulnerability in the Paperclip AI agent orchestration platform allows unauthenticated attackers to execute arbitrary code on affected servers. Identified as CVE-2026-41679, this flaw has a maximum CVSS score of 10.0 due to its network accessibility, low attack complexity, and lack of required privileges or user interaction. The issue is present in all versions prior to 2026.416.0.

Vulnerability Details

Paperclip is a Node.js and React-based platform for orchestrating AI agents to automate business tasks. When configured to run in its default authenticated mode, the server’s API fails to properly validate and authorize a sequence of requests. An attacker can chain six specific API calls to bypass all security controls. This leads directly to remote code execution (RCE), granting the attacker complete control over the underlying server hosting the Paperclip instance. The attack is fully automated and requires only the network address of the target.

Impact

The impact of this vulnerability is severe. A successful exploit grants an attacker the same level of access as the Paperclip server process, which typically runs with high privileges. This allows them to:

  • Install malware or ransomware.
  • Steal sensitive business data and AI model configurations.
  • Use the compromised server as a foothold to attack other internal systems.
  • Disrupt business operations by disabling or manipulating the AI agents.

Any Paperclip instance running in authenticated mode with a version below 2026.416.0 that is exposed to a network (including internal networks) is at immediate risk.

Remediation and Mitigation

The only complete remediation is to update the Paperclip software immediately.

Primary Action: Upgrade all Paperclip instances to version 2026.416.0 or later. This version contains the patch that fixes the authorization flaw.

Immediate Mitigation (If Patching is Delayed):

  1. Restrict Network Access: Immediately firewall the Paperclip server to allow access only from strictly necessary, trusted IP addresses. Do not expose it directly to the internet.
  2. Monitor for Compromise: Review server logs for unusual API activity, particularly sequences of rapid, consecutive calls to administrative endpoints. Look for unexpected processes or network connections originating from the Paperclip server.
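The log review in step 2 can be scripted. The following is an added example, not Paperclip's own tooling: it flags any client that makes six or more calls to administrative routes within a short window. It assumes reverse-proxy access logs in combined log format, in chronological order; the route prefix, the 10-second window, and the sample lines are placeholders constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumptions (not from the advisory): combined-log-format access logs and a
# placeholder prefix standing in for your deployment's administrative routes.
ADMIN_PREFIXES = ("/api/admin/",)   # placeholder: replace with real routes
WINDOW = timedelta(seconds=10)      # assumed meaning of "rapid"
THRESHOLD = 6                       # the advisory describes a six-call chain

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_bursts(lines, prefixes=ADMIN_PREFIXES, window=WINDOW, threshold=THRESHOLD):
    """Return one alert per client IP: (ip, first_ts, last_ts, [paths])."""
    recent = defaultdict(deque)     # ip -> deque of (timestamp, path)
    alerts = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not m["path"].startswith(prefixes):
            continue                # unparseable, or not an administrative route
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append((ts, m["path"]))
        while ts - q[0][0] > window:    # drop calls that left the window
            q.popleft()
        if len(q) >= threshold and m["ip"] not in alerts:
            alerts[m["ip"]] = (m["ip"], q[0][0], ts, [p for _, p in q])
    return list(alerts.values())

def _line(ip, hhmmss, path, status=200):
    # Builds one constructed combined-log-format line for the sample below.
    return (f'{ip} - - [01/Jan/2026:{hhmmss} +0000] '
            f'"POST {path} HTTP/1.1" {status} 512 "-" "-"')

# Constructed sample: one rapid six-call burst, one slow legitimate admin.
SAMPLE = (
    [_line("203.0.113.7", f"02:14:0{i}", f"/api/admin/step{i}") for i in range(1, 7)]
    + [_line("198.51.100.20", f"09:{mm}:00", "/api/admin/settings")
       for mm in ("01", "15", "40")]
    + [_line("198.51.100.20", "09:41:00", "/api/agents")]
)

if __name__ == "__main__":
    for ip, first, last, paths in find_bursts(SAMPLE):
        print(f"{ip}: {len(paths)} admin calls between {first} and {last}")
```

A hit is a lead for investigation, not proof of exploitation; correlate it with unexpected processes or outbound connections from the Paperclip host.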

After patching, it is prudent to review the server for any indicators of compromise, as this vulnerability could have been exploited prior to the update. For more on handling security incidents, you can review recent breach reports.

Security Insight

This vulnerability underscores the acute risks in emerging AI orchestration platforms, where complex, multi-step agent workflows can introduce unexpected attack chains. As with past critical flaws in automation tools like Jenkins, the combination of high functionality and insecure default configurations creates a prime target. It highlights the need for security-by-design in AI agent frameworks, where the permission model must be rigorously evaluated at each step in an automated chain, not just at the initial request.
