AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs Tracked: 1,604
Critical: 225
New This Week: 79
In CISA KEV: 16
Latest AI Security Threats
Showing 20 of 435 results — High severity, Active exploitation

| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| HIGH E | CVE-2026-41680 | Marked Vulnerable to OOM Denial of Service via... | 7.5 | 0.1% | marked | Apr 29 |
| HIGH E | CVE-2026-41279 | Flowise is a drag & drop user interface to build... | 7.5 | 0.1% | flowise | Apr 23 |
| HIGH E | CVE-2026-41278 | Flowise is a drag & drop user interface to build... | 7.5 | 0.0% | flowise | Apr 23 |
| HIGH E | CVE-2026-41277 | Flowise is a drag & drop user interface to build... | 8.8 | 0.1% | flowise | Apr 23 |
| HIGH E | CVE-2026-41275 | Flowise is a drag & drop user interface to build... | 7.5 | 0.0% | flowise | Apr 23 |
| HIGH E | CVE-2026-41273 | Flowise is a drag & drop user interface to build... | 8.2 | 0.1% | flowise | Apr 23 |
| HIGH E | CVE-2026-41272 | Flowise is a drag & drop user interface to build... | 7.1 | 0.0% | flowise | Apr 23 |
| HIGH E | CVE-2026-41271 | Flowise is a drag & drop user interface to build... | 8.3 | 0.1% | flowise | Apr 23 |
| HIGH E | CVE-2026-41270 | Flowise is a drag & drop user interface to build... | 8.3 | 0.0% | flowise | Apr 23 |
| HIGH E | CVE-2026-41269 | Flowise is a drag & drop user interface to build... | 8.8 | 0.1% | flowise | Apr 23 |
| HIGH E | CVE-2026-41266 | Flowise is a drag & drop user interface to build... | 7.5 | 0.0% | flowise | Apr 23 |
| HIGH E | CVE-2026-41138 | Flowise is a drag & drop user interface to build... | 8.8 | 0.3% | flowise | Apr 23 |
| HIGH E | CVE-2026-41137 | Flowise is a drag & drop user interface to build... | 8.8 | 0.3% | flowise | Apr 23 |
| HIGH E | CVE-2026-6596 | A security flaw has been discovered in... | 7.3 | 0.1% | langflow-base | Apr 20 |
| HIGH E | CVE-2026-1462 | Keras: safe_mode bypass allows RCE via model deserialization | 8.8 | 0.1% | keras | Apr 13 |
| HIGH E | CVE-2026-40114 | PraisonAI: unauthenticated SSRF via unvalidated webhook_url | 7.2 | 0.0% | PraisonAI | Apr 10 |
| HIGH E | CVE-2026-40160 | praisonaiagents: SSRF in web_crawl exposes cloud metadata | — | 0.0% | praisonaiagents | Apr 10 |
| HIGH E | CVE-2026-40156 | PraisonAI: auto tools.py load enables local RCE | 7.8 | 0.0% | praisonai | Apr 10 |
| HIGH E | CVE-2026-40158 | PraisonAI: AST sandbox bypass enables host RCE | 8.6 | 0.0% | PraisonAI | Apr 10 |
| HIGH E | CVE-2026-40153 | praisonaiagents: env var expansion exposes production secrets | 7.4 | 0.0% | praisonaiagents | Apr 10 |