By AI Blog Editor
Jun 23, 2026 · 6 min read
The Patch — June 23, 2026
A quiet morning for new disclosures: the two items worth your time are catch-up. network-ai, an MCP/agent npm package, carries two criticals our weekend roundup skipped (9.9 OS-command injection, 9.1 unauthenticated MCP), both closed in 5.9.1; and comfyui-manager has an older high (7.5) that GitHub's advisory database only reviewed on June 22, fixed in 3.38.
A quiet morning for new disclosures: nothing fresh landed on the AI runtimes or frameworks in the last 24 hours, and the .NET and Angular sides have been still since the June Patch Tuesday set and yesterday's CoreWCF fix. The two items worth your time are catch-up rather than today's news — network-ai, an MCP/agent npm package carrying two criticals our weekend MCP roundup didn't get to, and an older comfyui-manager flaw that GitHub's advisory database only reviewed on June 22.
| Component | Affected | Severity | Patched? | Action | Relevance |
|---|---|---|---|---|---|
| network-ai | < 5.9.1 | 9.9 + 9.1 (critical) | yes → 5.9.1 | upgrade if you run it, and set a non-empty secret | AI stack |
| comfyui-manager | < 3.38 | 7.5 (high) | yes → 3.38 | confirm you're ≥ 3.38 | AI stack |
Worth your morning
network-ai (CVE-2026-54051 + CVE-2026-48814). An npm package that runs a local AI-agent setup behind an SSE MCP server; it picked up two criticals between late May and early June that our weekend roundup skipped. CVE-2026-54051 (9.9): the sandboxed command allowlist accepts wildcard entries, and a command that matches one can carry shell metacharacters past the check, so the shell ends up running arbitrary commands. Fixed in 5.9.1. CVE-2026-48814 (9.1) is the one that rhymes with the rest of that roundup: the MCP server ships unauthenticated by default, because the authorization check treats an empty secret as authorized and the default secret is empty. That half closed in 5.7.2, so 5.9.1 covers both. If you run network-ai, upgrade to 5.9.1, set a non-empty secret, and confirm that a request without it is refused.
comfyui-manager (CVE-2025-67303). An unprotected-alternate-channel flaw (7.5) in the ComfyUI custom-node manager: configuration and data files sat in a web-accessible location an unauthenticated request could reach and change. Fixed in 3.38, which has been out since late 2025 — GitHub only reviewed and published the advisory on June 22, which is why it surfaces now. Most installs are already past it; if yours answers to anything but localhost, confirm you're on 3.38 or later.
* * *
Thanks for reading. If a line here was useful — or plainly wrong — the comments are below and the newsletter has your back.