AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

79

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 910 results — Active exploitation
HIGH EXPLOIT AVAIL

PraisonAI: SSRF via api_base steals cloud IAM credentials

CVE-2026-34936
7.7
EPSS 0.0%
Data Extraction Auth Bypass Supply Chain Framework API Agent
praisonai Patch: 4.5.90 CWE-918 1 5 ATLAS
HIGH EXPLOIT AVAIL

PraisonAI: OS command injection via run_python() shell escape

CVE-2026-34937
7.8
EPSS 0.0%
Code Execution Prompt Injection Auth Bypass Agent Framework Plugin
praisonaiagents Patch: 1.5.90 CWE-78 11 6 ATLAS 1 incident
CRITICAL EXPLOIT AVAIL

praisonaiagents: sandbox bypass enables full host RCE

CVE-2026-34938
10.0
EPSS 0.0%
Code Execution Prompt Injection Supply Chain Agent Framework Plugin
praisonaiagents Patch: 1.5.90 CWE-693 11 7 ATLAS
HIGH EXPLOIT AVAIL

Open WebUI: access control bypass leaks Tool Valve API keys

CVE-2026-34222
7.7
EPSS 0.0%
Auth Bypass Data Extraction Agent Plugin Framework
open-webui Patch: 0.8.11 CWE-285 5 ATLAS
MEDIUM EXPLOIT AVAIL

ONNX: symlink traversal reads host files via model loading

CVE-2026-34447
5.5
EPSS 0.0%
Supply Chain Data Extraction Framework Model
onnx Patch: 1.21.0 CWE-22 1.1K 5 ATLAS
UNKNOWN EXPLOIT AVAIL

ONNX: symlink path traversal allows arbitrary file read

CVE-2026-27489
--
EPSS 0.1%
Supply Chain Data Extraction Framework Model
onnx Patch: 1.21.0 CWE-23 1.1K 5 ATLAS
CRITICAL EXPLOIT AVAIL

MLflow: command injection via model_uri in mlserver mode

CVE-2026-0596
9.6
EPSS 0.2%
Code Execution Supply Chain Framework Inference
CWE-78 4 ATLAS 1 incident
HIGH EXPLOIT AVAIL

awesome-llm-apps MCP Agent: cross-session credential theft

CVE-2026-29872
8.2
EPSS 0.1%
Data Leakage Auth Bypass Privacy Violation Agent API Plugin
7 ATLAS
UNKNOWN EXPLOIT AVAIL

CrewAI: RCE via Docker fallback in CodeInterpreter

CVE-2026-2275
--
EPSS 0.0%
Code Execution Auth Bypass Agent Framework Plugin
6 ATLAS 1 incident
CRITICAL EXPLOIT AVAIL

MLflow: RCE via unsanitized model dependency specs

CVE-2025-15379
10.0
EPSS 0.2%
Code Execution Supply Chain Framework
mlflow Patch: 3.8.1 CWE-77 624 4 ATLAS 1 incident
CRITICAL EXPLOIT AVAIL

MLflow: path traversal enables sandbox escape, file overwrite

CVE-2025-15036
9.6
EPSS 0.0%
Supply Chain Code Execution Framework
mlflow Patch: 3.9.0rc0 CWE-29 624 5 ATLAS
LOW EXPLOIT AVAIL

OpenUI: hard-coded LiteLLM master key credential leak

CVE-2026-4993
3.3
EPSS 0.0%
Auth Bypass Data Extraction API Inference Framework
CWE-259 5 ATLAS
HIGH EXPLOIT AVAIL

langchain-core: path traversal exposes host secrets via prompt config

CVE-2026-34070
7.5
EPSS 0.0%
Data Extraction Data Leakage Framework
langchain-core Patch: 1.2.22 CWE-22 4.3K 5 ATLAS
HIGH EXPLOIT AVAIL

@mobilenext/mobile-mcp: path traversal via AI agent tool

CVE-2026-33989
8.1
EPSS 0.0%
Prompt Injection Code Execution Supply Chain Agent Plugin
CWE-22 6 ATLAS
MEDIUM EXPLOIT AVAIL

smolagents: code injection via incomplete sandbox fix

CVE-2026-4963
6.3
EPSS 0.0%
Code Execution Supply Chain Agent Framework
smolagents CWE-74 86 5 ATLAS
HIGH EXPLOIT AVAIL

MLflow: broken access control exposes experiment traces

CVE-2025-15381
8.1
EPSS 0.0%
Auth Bypass Data Extraction Data Leakage Framework Training Data
mlflow CWE-200 624 5 ATLAS
LOW EXPLOIT AVAIL

Open WebUI: IDOR exposes AI memories and private files

CVE-2026-29071
3.1
EPSS 0.0%
Auth Bypass Data Extraction Privacy Violation RAG Agent Framework
open-webui Patch: 0.8.6 CWE-639 5 ATLAS
MEDIUM EXPLOIT AVAIL

open-webui: missing authz allows cross-KB file deletion

CVE-2026-29070
5.4
EPSS 0.0%
Auth Bypass DoS RAG Framework
open-webui Patch: 0.8.6 CWE-862 4 ATLAS
HIGH EXPLOIT AVAIL

Open WebUI: BOLA enables RAG poisoning via file overwrite

CVE-2026-28788
7.1
EPSS 0.0%
Auth Bypass Model Poisoning Prompt Injection RAG API Framework
open-webui Patch: 0.8.6 CWE-639 7 ATLAS
MEDIUM EXPLOIT AVAIL

Open WebUI: path traversal leaks server filesystem path

CVE-2026-28786
4.3
EPSS 0.0%
Data Extraction Data Leakage Framework API
open-webui Patch: 0.8.6 CWE-22 4 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial