CVE-2026-33654: nanobot is a personal AI assistant. Prior to version 0.1.6, an indirect prompt injection vulnerability exists in the ema
Summary
Nanobot, a personal AI assistant, had a vulnerability in its email module that allowed attackers to send malicious prompts via email, which the bot would automatically process as trusted commands without the owner's knowledge. This is a type of indirect prompt injection (tricking an AI by hiding instructions in its input) that could let attackers run arbitrary system tools through the bot. Version 0.1.6 fixes this flaw.
Solution / Mitigation
Update nanobot to version 0.1.6 or later, which patches the vulnerability in the email channel processing module.
Vulnerability Details
EPSS: 0.0%
March 27, 2026
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-33654
First tracked: March 28, 2026 at 02:07 AM