Cybersecurity AI agent is Vulnerable to Command Injection (CVE-2025-67511)
ID: df6fa136-73d7-5947-89bd-5c079a325952
STIX ID: report--df6fa136-73d7-5947-89bd-5c079a325952
Feed Name: Checkmarx Zero
**Executive Summary:** Checkmarx discloses a critical command-injection vulnerability in the Cybersecurity AI (CAI) framework (GHSA-4c65-9gqf-4w8h / CVE-2025-67511) affecting all versions up to 0.5.9. An attacker can inject shell commands via untrusted SSH connection fields (username, host, port), potentially enabling arbitrary command execution and exfiltration of sensitive credentials. No patch is currently available. Mitigations include sandboxing, running CAI with low privileges, removing unnecessary installations, and monitoring or blocking CAI-related process activity.
