Security researchers uncovered two vulnerabilities in the popular Python-based AI app building tool that could allow attackers to extract credentials and files — and gain a lateral edge.