AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

79

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 7 of 7 results — High severity, KEV only, Active exploitation
HIGH KEV SCANNER

langflow: security flaw enables exploitation

CVE-2026-0770
--
EPSS 11.9%
Code Execution Auth Bypass Framework Agent
langflow CWE-829 5 ATLAS
HIGH KEV SCANNER

n8n: security flaw enables exploitation

CVE-2025-68613
8.8
EPSS 81.7%
Code Execution Auth Bypass Data Extraction Agent Framework Plugin
n8n CWE-913 16 9 ATLAS
HIGH KEV SCANNER

langflow: security flaw enables exploitation

CVE-2025-34291
8.8
EPSS 13.3%
Auth Bypass Code Execution Framework Agent
langflow CWE-346 8 ATLAS
HIGH KEV

LiteLLM: SSRF leaks OpenAI API key to attacker

CVE-2024-6587
7.5
EPSS 88.4%
Data Extraction Auth Bypass API Framework
litellm 4 5 ATLAS
HIGH KEV SCANNER

Gradio: SSRF exposes internal network and cloud metadata

CVE-2024-4325
8.6
EPSS 65.1%
Data Extraction Auth Bypass Framework Inference
gradio 674 4 ATLAS
HIGH KEV

Ollama: path traversal enables RCE via model blob API

CVE-2024-37032
8.8
EPSS 93.7%
Code Execution Data Extraction Inference Framework API
ollama 1.4K 4 ATLAS
HIGH KEV

LangChain: SSRF in URL loader exposes internal network

CVE-2023-46229
8.8
EPSS 1.8%
Data Extraction Auth Bypass Framework RAG
langchain CWE-918 2.6K 4 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial