AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

AI/ML CVEs Tracked: 1,604
Critical: 225
New This Week: 79
In CISA KEV: 16

Latest AI Security Threats

Showing 20 of 144 results — Active exploitation, has patch
| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| HIGH E | CVE-2026-41680 | Marked Vulnerable to OOM Denial of Service via... | 7.5 | 0.1% | marked | Apr 29 |
| MEDIUM E | CVE-2026-7141 | A vulnerability was found in vllm up to 0.19.0.... | 5.6 | 0.1% | vllm | Apr 27 |
| CRITICAL E | CVE-2026-41264 | Flowise: CSV Agent Prompt Injection Remote Code... | 9.8 | 0.3% | flowise-components | Apr 21 |
| MEDIUM E | CVE-2026-6598 | A security vulnerability has been detected in... | 4.3 | 0.0% | langflow | Apr 20 |
| HIGH E | CVE-2026-6596 | A security flaw has been discovered in... | 7.3 | 0.1% | langflow-base | Apr 20 |
| CRITICAL E | CVE-2026-40933 | Flowise: RCE via MCP stdio command injection | 9.9 | 0.0% | flowise-components | Apr 16 |
| HIGH E | CVE-2026-1462 | Keras: safe_mode bypass allows RCE via model deserialization | 8.8 | 0.1% | keras | Apr 13 |
| MEDIUM E | CVE-2026-40190 | langsmith: prototype pollution enables auth bypass, RCE | 5.6 | 0.1% | langsmith | Apr 10 |
| MEDIUM E | CVE-2026-40086 | rembg: path traversal exposes arbitrary files via HTTP API | 5.3 | 0.1% | rembg | Apr 10 |
| HIGH E | CVE-2026-40114 | PraisonAI: unauthenticated SSRF via unvalidated webhook_url | 7.2 | 0.0% | PraisonAI | Apr 10 |
| HIGH E | CVE-2026-40160 | praisonaiagents: SSRF in web_crawl exposes cloud metadata | | 0.0% | praisonaiagents | Apr 10 |
| MEDIUM E | CVE-2026-40159 | PraisonAI: MCP env inheritance exposes API keys | 5.5 | 0.0% | PraisonAI | Apr 10 |
| CRITICAL E | CVE-2026-40157 | PraisonAI: path traversal allows arbitrary file write via recipe unpack | | 0.1% | PraisonAI | Apr 10 |
| HIGH E | CVE-2026-40156 | PraisonAI: auto tools.py load enables local RCE | 7.8 | 0.0% | praisonai | Apr 10 |
| MEDIUM E | CVE-2026-40148 | PraisonAI: decompression bomb causes disk exhaustion | 6.5 | 0.0% | PraisonAI | Apr 10 |
| CRITICAL E | CVE-2026-40154 | PraisonAI: supply chain RCE via unverified template exec | 9.3 | 0.0% | PraisonAI | Apr 10 |
| HIGH E | CVE-2026-40158 | PraisonAI: AST sandbox bypass enables host RCE | 8.6 | 0.0% | PraisonAI | Apr 10 |
| MEDIUM E | CVE-2026-40152 | praisonaiagents: glob traversal leaks filesystem metadata | 5.3 | 0.0% | praisonaiagents | Apr 10 |
| HIGH E | CVE-2026-40153 | praisonaiagents: env var expansion exposes production secrets | 7.4 | 0.0% | praisonaiagents | Apr 10 |
| MEDIUM E | CVE-2026-40151 | PraisonAI: unauthenticated agent config and system prompt disclosure | 5.3 | 0.0% | PraisonAI | Apr 10 |
