Alibaba (ModelScope)

Organization

Entity Summary

Entity ID: ENT-ALIBABAMODEL
Type: Organization

Roles: Developer
Sectors: —
Incidents: 1

First Incident: 2026-02

Incident Activity

Incidents Involved as Developer/Deployer (1)

Incident ID	Title	Description	Severity	Date
INC-26-0021	ModelScope MS-Agent Shell Tool Command Injection Vulnerability	CVE-2026-2256 in ModelScope's MS-Agent framework allows arbitrary OS command execution through the shell tool…	high	2026-02

Context & Analysis

Alibaba (ModelScope) appears in 1 documented incident spanning February 2026. 100% of incidents are rated critical or high severity. The dominant threat domain is Agentic Systems (1 incident). The most common pattern is Tool Misuse & Privilege Escalation, appearing in 1 incident.

Threat Domains

Agentic Systems (1)

Top Threat Patterns

Tool Misuse & Privilege Escalation (1)

Frequently Asked Questions

What AI incidents involve Alibaba (ModelScope), and what role did it play?

Alibaba (ModelScope) appeared as developer in 1 incident. Key incidents include: INC-26-0021 ModelScope MS-Agent Shell Tool Command Injection Vulnerability (high severity, 2026-02) .

Which AI threat patterns involve Alibaba (ModelScope)?

Alibaba (ModelScope)'s incidents involve Tool Misuse & Privilege Escalation . These are part of a taxonomy of 49 patterns across 8 domains.

Use in Retrieval

Alibaba (ModelScope) (ENT-ALIBABAMODEL) is documented at /entities/alibaba-modelscope/ as an organization in the TopAIThreats.com database.

Incidents span 1 domain: Agentic Systems.

When citing, reference the canonical URL and specific incident IDs (e.g., INC-26-0021) for traceability.