Overview
- Microsoft released NLWeb as an open-source framework in May to deliver AI-powered natural language interfaces on websites.
- Researchers Aonan Guan and Lei Wang reported a path traversal flaw on May 28 that allowed unauthenticated access to .env files containing system configurations and AI API keys.
- Microsoft patched the vulnerability on July 1 and updated the NLWeb GitHub repository, which automatically protects users who pull the latest build.
- The company has not assigned a CVE to the flaw, raising concerns that the lack of an official identifier could hinder industry-wide tracking and response.
- Security experts warn that exposed API keys can enable attackers to hijack AI agents' reasoning capabilities, and could lead to significant financial losses or facilitate malicious clones.
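
The bug class described above, seen from the defending side, as an added example: this is not NLWeb's code or Microsoft's patch, and the overview does not describe either. It shows a static-file path resolver that keeps requests inside the served directory and refuses dotfiles such as .env. The names resolve_static, Forbidden and demo, and the app/static layout, are assumptions made for illustration.

```python
import tempfile
from pathlib import Path
from urllib.parse import unquote


class Forbidden(Exception):
    """Raised when a requested path must not be served."""


def resolve_static(root: Path, url_path: str) -> Path:
    """Map a request path to a regular file under root, or raise Forbidden."""
    decoded = unquote(url_path)  # decode percent-escapes exactly once
    if "\x00" in decoded:
        raise Forbidden("NUL byte in path")
    # Treat backslashes as separators so "..\" is seen as a segment too.
    parts = [p for p in decoded.replace("\\", "/").split("/") if p not in ("", ".")]
    # Refuse parent-directory segments and dotfiles (.env, .git) outright.
    if any(p.startswith(".") for p in parts):
        raise Forbidden("dot segment or dotfile")
    root_real = root.resolve()
    candidate = root_real.joinpath(*parts).resolve()
    # Containment check after symlink resolution: the result must stay in root.
    if candidate != root_real and root_real not in candidate.parents:
        raise Forbidden("escapes static root")
    if not candidate.is_file():
        raise Forbidden("not a regular file")
    return candidate


def demo() -> dict:
    """Constructed layout: app/.env (placeholder secret) beside app/static/."""
    requests = ["/index.html", "/../.env", "/%2e%2e/.env", "/..%2f.env",
                "/%252e%252e/.env", "/conf.txt"]
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        app = Path(tmp) / "app"
        static = app / "static"
        static.mkdir(parents=True)
        (app / ".env").write_text("API_KEY=constructed-placeholder\n")
        (static / "index.html").write_text("<h1>ok</h1>")
        # A symlink inside the static root that points at the secret file.
        (static / "conf.txt").symlink_to(app / ".env")
        for req in requests:
            try:
                results[req] = resolve_static(static, req).name
            except Forbidden as exc:
                results[req] = f"blocked: {exc}"
    return results


if __name__ == "__main__":
    for request, outcome in demo().items():
        print(f"{request:22} -> {outcome}")
```

The symlink case is why the containment check runs on the resolved path rather than on the request string alone.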