Your AI Coding Agent Has Root Access to Your Machine. Does Anything Else?

TL;DR Two critical vulnerabilities — CVE-2026-22812 (CVSS 8.8) and CVE-2026-22813 (CVSS 9.6) — affect the most widely deployed open-source AI coding agent platforms. 220,000+ instances are exposed on the public internet with no authentication. 15,200 are confirmed vulnerable to unauthenticated remote code execution. But the exposure isn't limited to cloud servers — the same agent running on your Mac Mini under your desk has the same root-level access to your files, your credentials, and your network. This article provides the technical analysis, the exposure data, remediation for both VPS and local hardware deployments, and a 5-layer defense architecture that works regardless of where your agent runs. The machine under your desk Apple cannot keep the Mac Mini in stock. The M4 and M4 Pro configurations are backordered across most retailers, and the reason is not what Apple planned for. Developers are buying them to run AI coding agents locally — specifically OpenClaw, which needs Apple