AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

79

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 910 results — Active exploitation
Severity CVE ID Summary CVSS EPSS Package Date
CRIT E CVE-2026-25130 cai-framework: Command Injection enables RCE 9.7 0.0% Jan 30 HIGH E CVE-2026-24780 agpt: Code Injection enables RCE 8.8 0.1% Jan 29 HIGH E CVE-2026-24779 vllm: SSRF allows internal network access 7.1 0.0% vllm Jan 27 HIGH E CVE-2026-24747 pytorch: Code Injection enables RCE 8.8 0.1% pytorch Jan 27 CRIT E CVE-2026-1470 n8n: Code Injection enables RCE 9.9 1.9% n8n Jan 27 MEDI E CVE-2026-24123 bentoml: Path Traversal enables file access 6.5 0.0% bentoml Jan 26 CRIT E CVE-2025-13374 Kalrav: Arbitrary File Upload enables RCE 9.8 0.1% Jan 24 HIGH CVE-2026-0770 langflow: security flaw enables exploitation 11.9% langflow Jan 23 HIGH E CVE-2025-65098 typebot: XSS enables session hijacking 7.4 0.0% Jan 22 HIGH E CVE-2025-66960 ollama: Input Validation flaw enables exploitation 7.5 0.3% ollama Jan 21 HIGH E CVE-2025-66959 ollama: Input Validation flaw enables exploitation 7.5 0.3% ollama Jan 21 HIGH E CVE-2026-22219 chainlit: SSRF allows internal network access 7.7 0.0% chainlit Jan 20 CRIT E CVE-2026-0863 n8n: Code Injection enables RCE 9.9 0.0% n8n Jan 18 HIGH E CVE-2025-15514 ollama: security flaw enables exploitation 7.5 0.1% ollama Jan 12 HIGH E CVE-2024-58340 langchain: security flaw enables exploitation 7.5 0.1% langchain Jan 12 HIGH E CVE-2024-58339 llamaindex: Resource Exhaustion enables DoS 7.5 0.1% llamaindex Jan 12 HIGH E CVE-2024-14021 llamaindex: Deserialization enables RCE 7.8 0.1% llamaindex Jan 12 HIGH E CVE-2026-22033 label-studio: XSS enables session hijacking 0.0% label-studio Jan 12 HIGH E CVE-2026-22773 vllm: Resource Exhaustion enables DoS 7.5 0.0% vllm Jan 10 HIGH E CVE-2026-22612 fickling: Deserialization enables RCE 0.1% fickling Jan 9

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial