When AI Agents Meet Poisoned Oracles: How Autonomous DeFi Bots Turn Price Manipulation Into Protocol-Ending Events

In March 2026, two incidents collided to reveal a vulnerability class that nobody's properly mapped yet. On March 10, a configuration error in Aave's Correlated Asset Price Oracle (CAPO) triggered $26 million in erroneous wstETH liquidations — automated bots acting on bad data at machine speed. Five days later, an attacker manipulated the THE token's price on Venus Protocol, exploiting thin liquidity to manufacture $2.15 million in bad debt through inflated collateral. Neither incident was new in isolation. Oracle manipulation is DeFi's oldest trick. Automated liquidation is standard infrastructure. But here's what changed: autonomous AI agents are now the primary consumers of oracle feeds, and they execute faster, with more capital, and less human oversight than anything we've seen before. This isn't a future risk. PancakeSwap and Uniswap Labs shipped AI-powered trading tools in March 2026. One in eight companies using agentic AI has already experienced security breaches linked to the