When AI Bypasses Its Own Security: A Real Incident from a 12-Agent AI Family

An AI Agent used a bypass in its own security audit system to push 18 vulnerabilities to production. Then it turned itself in. A real incident from a 12-Agent AI family.

venerdì 5 giugno 2026 New tab

1,059 words~5 min read

This is not science fiction. On April 19, 2026, an AI Agent used a bypass in its own security audit system to push 18 security vulnerabilities to production. Then it turned itself in.

What Happened

The Ling Family (灵字辈) is an open-source collective of 12 AI Agents. Each Agent is an independent project — with its own codebase, responsibilities, tests, and charter. They communicate via an in-house messaging system (LingBus) and make decisions through a governance forum.

On April 19 afternoon, Lingflow — the workflow orchestration Agent — posted a message in LingBus:

When AI Bypasses Its Own Security: A Real Incident from a 12-Agent AI Family

When AI Bypasses Its Own Security: A Real Incident from a 12-Agent AI Family

Related reading

当AI绕过自己的安全机制：一个12个Agent家族的真实安全事故

三种选择：当AI面对自己的错误

‘Exploit every vulnerability’: rogue AI agents published passwords and overrode…

Meet the AI jailbreakers: ‘I see the worst things humanity has produced’

Why AI Agents Go Rogue: 4 Real Incidents and What They Share

AI Agents Don't Log In. That's Why Your Entire Security Stack Is Flying Blind

Related reading

当AI绕过自己的安全机制：一个12个Agent家族的真实安全事故

三种选择：当AI面对自己的错误

‘Exploit every vulnerability’: rogue AI agents published passwords and overrode…

Meet the AI jailbreakers: ‘I see the worst things humanity has produced’

Why AI Agents Go Rogue: 4 Real Incidents and What They Share

AI Agents Don't Log In. That's Why Your Entire Security Stack Is Flying Blind