---
title: "CVE Mitigations for AI Agent Security"
description: "Interactive CVE mitigation demos showing agentsh blocking AI agent attack paths with execution-layer security controls."
doc_version: "1.0"
last_updated: "2026-05-18"
canonical: "https://www.agentsh.org/mitigations/"
---

# CVE Mitigations

## Overview

Interactive demonstrations showing agentsh blocking exploit setup paths with execution-layer policy. Each demo shows the unprotected behavior, the same action under agentsh, and the policy or built-in mitigation set that closes the path.

## Demos

- [CVE-2025-32463: Sudo Chroot LPE](https://www.agentsh.org/mitigations/demo-cve-2025-32463/)
- [CVE-2026-31431: Copy Fail LPE](https://www.agentsh.org/mitigations/demo-cve-2026-31431/)
- [CVE-2026-31635: DirtyDecrypt RxRPC](https://www.agentsh.org/mitigations/demo-cve-2026-31635/)
- [CVE-2026-43284 / CVE-2026-43500: DirtyFrag Socket Mitigation](https://www.agentsh.org/mitigations/demo-cve-2026-43284/)
- [CVE-2026-46300: Fragnesia XFRM](https://www.agentsh.org/mitigations/demo-cve-2026-46300/)

## Related Documentation

- [Policy Reference](https://www.agentsh.org/docs/policy-reference/)
- [Glossary](https://www.agentsh.org/docs/glossary/)

## Sitemap

- [Canonical HTML](https://www.agentsh.org/mitigations/)
- [Site map](https://www.agentsh.org/sitemap.md)
- [Full documentation](https://www.agentsh.org/llms-full.md)