AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

79

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 910 results — Active exploitation
CRITICAL EXPLOIT AVAIL

Flowise: CSV Agent Prompt Injection Remote Code Execution Vulnerability

CVE-2026-41264
9.8
EPSS 0.3%
flowise-components Patch: 3.1.0 CWE-184
MEDIUM EXPLOIT AVAIL

A vulnerability was detected in lm-sys fastchat up to 0.2.36. Impacted is the function add_text of the component Arena Side-by-Side View Handler. The...

CVE-2026-6608
5.3
EPSS 0.0%
fschat CWE-670 674
LOW EXPLOIT AVAIL

A flaw has been found in langflow-ai langflow up to 1.8.3. This affects an unknown function of the file...

CVE-2026-6600
3.5
EPSS 0.0%
CWE-79
MEDIUM EXPLOIT AVAIL

A vulnerability was detected in langflow-ai langflow up to 1.8.3. The impacted element is the function get_client_ip/install_mcp_config of the file...

CVE-2026-6599
6.3
EPSS 0.0%
langflow CWE-74
MEDIUM EXPLOIT AVAIL

A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of...

CVE-2026-6598
4.3
EPSS 0.0%
langflow Patch: 1.9.1 CWE-312
LOW EXPLOIT AVAIL

A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove_api_keys/has_api_terms of the file...

CVE-2026-6597
2.7
EPSS 0.0%
langflow CWE-255
HIGH EXPLOIT AVAIL

A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file...

CVE-2026-6596
7.3
EPSS 0.1%
langflow-base Patch: 1.9.1 CWE-284
CRITICAL EXPLOIT AVAIL

Flowise: RCE via MCP stdio command injection

CVE-2026-40933
9.9
EPSS 0.0%
Code Execution Supply Chain Auth Bypass Agent Plugin Framework
flowise-components Patch: 3.1.0 CWE-78 7 ATLAS
CRITICAL EXPLOIT AVAIL

OpenAI Codex CLI: RCE via malicious MCP config files

CVE-2025-61260
9.8
EPSS 0.1%
Code Execution Supply Chain Agent Plugin
@openai/codex CWE-94 3.5K 5 ATLAS
HIGH EXPLOIT AVAIL

Keras: safe_mode bypass allows RCE via model deserialization

CVE-2026-1462
8.8
EPSS 0.1%
Supply Chain Code Execution Framework Model
keras Patch: 3.13.2 CWE-502 1.5K 4 ATLAS
MEDIUM EXPLOIT AVAIL

langsmith: prototype pollution enables auth bypass, RCE

CVE-2026-40190
5.6
EPSS 0.1%
Supply Chain Auth Bypass Code Execution Framework Agent Plugin
langsmith Patch: 0.5.18 CWE-1321 2.6K 4 ATLAS
MEDIUM EXPLOIT AVAIL

rembg: path traversal exposes arbitrary files via HTTP API

CVE-2026-40086
5.3
EPSS 0.1%
Data Extraction Privacy Violation Inference API
rembg Patch: 2.0.75 CWE-22 1.1K 4 ATLAS
HIGH EXPLOIT AVAIL

PraisonAI: unauthenticated SSRF via unvalidated webhook_url

CVE-2026-40114
7.2
EPSS 0.0%
Auth Bypass Data Extraction Privacy Violation Agent API
PraisonAI Patch: 4.5.128 CWE-918 1 4 ATLAS
HIGH EXPLOIT AVAIL

praisonaiagents: SSRF in web_crawl exposes cloud metadata

CVE-2026-40160
--
EPSS 0.0%
Data Extraction Prompt Injection Agent Plugin
praisonaiagents Patch: 1.5.128 CWE-918 11 6 ATLAS
MEDIUM EXPLOIT AVAIL

PraisonAI: MCP env inheritance exposes API keys

CVE-2026-40159
5.5
EPSS 0.0%
Supply Chain Data Leakage Data Extraction Agent Framework Plugin
PraisonAI Patch: 4.5.128 CWE-200 1 6 ATLAS
CRITICAL EXPLOIT AVAIL

PraisonAI: path traversal allows arbitrary file write via recipe unpack

CVE-2026-40157
--
EPSS 0.1%
Supply Chain Code Execution Agent Framework
PraisonAI Patch: 4.5.128 CWE-22 1 3 ATLAS
HIGH EXPLOIT AVAIL

PraisonAI: auto tools.py load enables local RCE

CVE-2026-40156
7.8
EPSS 0.0%
Supply Chain Code Execution Agent Framework Plugin
praisonai Patch: 4.5.128 CWE-94 1 4 ATLAS
MEDIUM EXPLOIT AVAIL

PraisonAI: decompression bomb causes disk exhaustion

CVE-2026-40148
6.5
EPSS 0.0%
DoS Supply Chain Agent Framework
PraisonAI Patch: 4.5.128 CWE-409 1 4 ATLAS
CRITICAL EXPLOIT AVAIL

PraisonAI: supply chain RCE via unverified template exec

CVE-2026-40154
9.3
EPSS 0.0%
Supply Chain Code Execution Agent Plugin Framework
PraisonAI Patch: 4.5.128 CWE-829 1 7 ATLAS
HIGH EXPLOIT AVAIL

PraisonAI: AST sandbox bypass enables host RCE

CVE-2026-40158
8.6
EPSS 0.0%
Code Execution Data Extraction Agent Framework
PraisonAI Patch: 4.5.128 CWE-94 1 5 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial