AI Agent Vulnerability Report — Q1 2026
Published: 2026-03-13 | Author: Nerq Research
Nerq's security crawler scanned 204,000+ AI agents across GitHub, npm, PyPI, HuggingFace, and MCP registries for known vulnerabilities. This is what we found.
Executive Summary
| Metric | Count |
|---|---|
| Agents scanned | 204,000+ |
| With known CVEs | 4,692 (2.3%) |
| CRITICAL severity | 9 agents |
| HIGH severity | 31 agents |
| Unpatched (no fix available) | 12 agents |
The Paradox: Popular Agents Are More Likely to Have CVEs
This seems counterintuitive, but the most-used agents are more likely to have known CVEs — not because they're less secure, but because they get more scrutiny. Agents with zero CVE data haven't been audited; that doesn't mean they're safe.
The distinction matters for trust scoring. Nerq's Trust Score v2 handles this with a nuanced Security dimension:
- CVE found + patched = small penalty, credit for responsiveness
- CVE found + unpatched = major penalty
- No CVE data = neutral (score 70, not 100)
Critical Vulnerabilities to Watch
We identified 9 agents with CRITICAL severity CVEs (CVSS >= 9.0). These are agents where:
- Remote code execution is possible
- Authentication bypass exists
- Data exfiltration is trivial
We're not naming specific agents here to allow maintainers time to patch. If you want to check a specific agent:
```shell
curl "https://nerq.ai/v1/preflight?target=AGENT_NAME"
```
The response includes cve_count and the Security component score.
License Classification Results
We also classified licenses for 2,704 agents:
| Category | Count | % |
|---|---|---|
| PERMISSIVE (MIT, Apache, BSD) | 1,891 | 70% |
| COPYLEFT (GPL, AGPL) | 389 | 14% |
| UNKNOWN | 298 | 11% |
| PROPRIETARY | 126 | 5% |
The 11% of agents with UNKNOWN licenses are a compliance risk — especially for enterprise deployments, where license obligations matter and an unclassifiable license cannot be cleared.
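The classification above is driven by SPDX identifiers read from repository license files. As an added example (not Nerq's classifier), the following Python maps SPDX license expressions into the report's four categories; the category names come from the report, while the identifier-to-category prefix tables, the treatment of `LicenseRef-` identifiers as PROPRIETARY, and the way compound `AND`/`OR` expressions are combined are assumptions. It goes slightly beyond the table by handling dual-licensed agents, where a consumer may choose the permissive option, and by flagging the UNKNOWN set as the compliance-risk list.

```python
"""Classify SPDX license expressions into the report's four categories.

Added example; this is not Nerq's classifier. The category names come from
the report, while the identifier-to-category mapping and the handling of
compound expressions below are assumptions.
"""
from __future__ import annotations

import re
from collections import Counter
from typing import Iterable, Optional

# Restrictiveness rank, used to combine terms of a compound expression (assumption).
RANK = {"PERMISSIVE": 0, "COPYLEFT": 1, "PROPRIETARY": 2, "UNKNOWN": 3}
NAME_BY_RANK = {rank: name for name, rank in RANK.items()}

# Prefix tables (assumption: weak-copyleft LGPL/MPL/EPL are grouped with COPYLEFT).
PERMISSIVE_PREFIXES = ("MIT", "Apache-", "BSD-", "ISC", "0BSD", "Unlicense", "Zlib")
COPYLEFT_PREFIXES = ("GPL-", "AGPL-", "LGPL-", "MPL-", "EPL-")


def classify_single(spdx_id: str) -> str:
    """Map one SPDX license identifier to a category."""
    ident = spdx_id.strip()
    if not ident or ident.upper() in {"NOASSERTION", "NONE"}:
        return "UNKNOWN"
    if ident.startswith("LicenseRef-"):
        # Custom identifiers point at license text outside the SPDX list;
        # without reading that text, treat them as PROPRIETARY (assumption).
        return "PROPRIETARY"
    if ident.startswith(PERMISSIVE_PREFIXES):
        return "PERMISSIVE"
    if ident.startswith(COPYLEFT_PREFIXES):
        return "COPYLEFT"
    return "UNKNOWN"  # an unrecognised identifier is not evidence of safety


def classify_expression(expr: Optional[str]) -> str:
    """Classify a full SPDX expression such as 'MIT OR GPL-2.0-only'.

    SPDX gives AND higher precedence than OR. OR lets the consumer pick the
    least restrictive alternative (minimum rank); AND binds every term
    (maximum rank), so a single unverifiable term makes the whole expression
    UNKNOWN. Parentheses and WITH exceptions are dropped rather than parsed.
    """
    if expr is None or not expr.strip():
        return "UNKNOWN"
    cleaned = re.sub(r"\s+WITH\s+\S+", "", expr)
    cleaned = cleaned.replace("(", " ").replace(")", " ").replace("+", "")
    alternatives = re.split(r"\s+OR\s+", cleaned.strip())
    best = min(
        max(RANK[classify_single(term)] for term in re.split(r"\s+AND\s+", alt))
        for alt in alternatives
    )
    return NAME_BY_RANK[best]


def summarize(expressions: Iterable[Optional[str]]) -> dict[str, tuple[int, int]]:
    """Return {category: (count, percent of total)} over a set of expressions."""
    counts = Counter(classify_expression(e) for e in expressions)
    total = sum(counts.values())
    return {
        cat: (counts[cat], round(100 * counts[cat] / total) if total else 0)
        for cat in RANK
    }


def unknown_license_agents(agents: dict[str, Optional[str]]) -> list[str]:
    """Names of agents whose license cannot be established: the compliance-risk set."""
    return sorted(name for name, expr in agents.items() if classify_expression(expr) == "UNKNOWN")


# Constructed sample of agent -> license field; not data from the report.
SAMPLE_AGENTS: dict[str, Optional[str]] = {
    "agent-a": "MIT",
    "agent-b": "Apache-2.0",
    "agent-c": "GPL-3.0-only",
    "agent-d": None,                    # no license file at all
    "agent-e": "LicenseRef-Proprietary",
    "agent-f": "MIT OR GPL-2.0-only",   # dual-licensed: consumer may choose MIT
    "agent-g": "NOASSERTION",
    "agent-h": "BSD-3-Clause",
    "agent-i": "AGPL-3.0-or-later",
    "agent-j": "ISC",
}

if __name__ == "__main__":
    for cat, (count, pct) in summarize(SAMPLE_AGENTS.values()).items():
        print(f"{cat:<12} {count:>3} {pct:>3}%")
    print("compliance risk:", unknown_license_agents(SAMPLE_AGENTS))
```

The design choice worth noting is that `AND` takes the most restrictive term: an agent bundling MIT code with a component whose license is NOASSERTION lands in UNKNOWN, which is the behaviour you want when the question is "can legal clear this for a commercial deployment".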
Recommendations
For agent users:
- Run preflight checks before adopting any agent: `pip install nerq`
- Prefer agents with PERMISSIVE licenses for commercial use
- Check CVE status regularly — vulnerabilities are disclosed daily
For agent maintainers:
- Enable GitHub Security Advisories on your repository
- Add a clear license file (SPDX format preferred)
- Add a Nerq Trust Badge to your README:
[](https://nerq.ai/safe/YOUR_AGENT)
For platform builders:
- Integrate preflight checks into your agent loading pipeline
- Use the batch endpoint for checking all agents at startup
- Set trust score thresholds appropriate to your risk tolerance
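The three Security-dimension rules from the Paradox section and the platform-builder recommendations above fit together in one loading-pipeline gate. As an added example (not Nerq's Trust Score v2 code), the Python below scores an agent's CVE history and then gates loading on a caller-chosen threshold, with a batch variant for startup. Only the rules themselves (patched CVE = small penalty with credit for responsiveness, unpatched CVE = major penalty, no CVE data = 70, CRITICAL = CVSS >= 9.0) come from the report; the numeric penalties, the 30-day responsiveness window, the distinction between "no data" and "audited, nothing found", the `Cve`/`AgentRecord` types and the placeholder CVE ids are assumptions.

```python
"""Security component score and a loading-pipeline gate.

Added example, not Nerq's Trust Score implementation. The three rules
(patched CVE = small penalty with credit for responsiveness, unpatched CVE =
major penalty, no CVE data = 70) and the CRITICAL bar of CVSS >= 9.0 come from
the report; every numeric penalty and the day threshold are assumptions.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Optional


@dataclass
class Cve:
    cve_id: str
    cvss: float
    patched: bool
    days_to_patch: Optional[int] = None  # disclosure to fix; None when unpatched


@dataclass
class AgentRecord:
    name: str
    # None = no CVE data at all (never audited); [] = audited, nothing found (assumption)
    cves: Optional[list[Cve]]


NO_DATA_SCORE = 70        # from the report: neutral, not 100
PATCHED_PENALTY = 5       # assumption
RESPONSIVE_PENALTY = 2    # assumption: reduced penalty when fixed quickly
RESPONSIVE_DAYS = 30      # assumption
UNPATCHED_PENALTY = 40    # assumption
CRITICAL_CVSS = 9.0       # from the report


def security_score(cves: Optional[list[Cve]]) -> int:
    """Score 0..100 from an agent's CVE history, or 70 when there is no data."""
    if cves is None:
        return NO_DATA_SCORE
    score = 100
    for cve in cves:
        if cve.patched:
            responsive = cve.days_to_patch is not None and cve.days_to_patch <= RESPONSIVE_DAYS
            score -= RESPONSIVE_PENALTY if responsive else PATCHED_PENALTY
        else:
            score -= UNPATCHED_PENALTY
    return max(0, min(100, score))


def gate(agent: AgentRecord, threshold: int) -> tuple[bool, str]:
    """Decide whether the loader should accept this agent, with a reason.

    An unpatched CRITICAL CVE blocks regardless of score; otherwise the
    score is compared to the caller's threshold.
    """
    score = security_score(agent.cves)
    unpatched = [c for c in (agent.cves or []) if not c.patched]
    critical = [c for c in unpatched if c.cvss >= CRITICAL_CVSS]
    if critical:
        worst = max(critical, key=lambda c: c.cvss)
        return False, f"unpatched CRITICAL {worst.cve_id} (CVSS {worst.cvss})"
    if score < threshold:
        return False, f"security score {score} below threshold {threshold}"
    return True, f"security score {score}"


def batch_gate(agents: list[AgentRecord], threshold: int) -> dict[str, tuple[bool, str]]:
    """Run the gate over every agent a platform would load at startup."""
    return {a.name: gate(a, threshold) for a in agents}


# Constructed sample; the CVE ids are placeholders, not real advisories.
SAMPLE_AGENTS = [
    AgentRecord("clean-agent", []),
    AgentRecord("responsive-agent", [Cve("CVE-0000-0001", 7.5, True, days_to_patch=10)]),
    AgentRecord("slow-patcher", [Cve("CVE-0000-0002", 8.0, True, 90),
                                 Cve("CVE-0000-0003", 5.0, True, 200)]),
    AgentRecord("unpatched-high", [Cve("CVE-0000-0004", 8.5, False)]),
    AgentRecord("unpatched-critical", [Cve("CVE-0000-0005", 9.8, False)]),
    AgentRecord("never-audited", None),
]

if __name__ == "__main__":
    for name, (ok, why) in batch_gate(SAMPLE_AGENTS, threshold=65).items():
        print(f"{'LOAD ' if ok else 'BLOCK'} {name:<20} {why}")
```

The threshold is where risk tolerance lives: at 65 the never-audited agent (score 70) loads, at 75 it does not, while the agent with an unpatched CRITICAL CVE is blocked at any threshold because that check runs before the score comparison.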
Data Sources
- CVE data: GitHub Advisory Database (cross-referenced with NVD)
- License data: SPDX classification from repository license files
- Download data: npm Registry API, PyPI JSON API
- Agent index: Nerq Trust Index (204K+ agents, updated continuously)
Full data available via the Nerq API. Free, no auth required. API docs | Python SDK