Researchers at Zafran Security have identified two serious vulnerabilities in Chainlit, an open-source framework used for building conversational chatbots. This framework has gained popularity, with over 200,000 downloads per week from the Python Package Index. The vulnerabilities could lead to significant risks, including data loss and cloud account takeovers. In response, Chainlit released version 2.9.4 to patch these issues. The first vulnerability, labeled CVE-2026-22218 with a CVSS score of 7.7, allows an attacker to manipulate a specific API endpoint to access sensitive files on the server. This includes configurations and source code that should remain secure. The architecture of Chainlit, which integrates both the chatbot interface and backend server, creates multiple entry points for attackers. Gal Zaban from Zafran highlights that AI systems are often more vulnerable than traditional technologies due to the complexity of integrating various AI frameworks. Rapid development cycles further exacerbate the problem, as developers may not fully understand the code they are working with. The interconnected nature of AI applications, while providing enhanced functionality, also opens up numerous attack vectors, increasing the potential impact of security flaws.