AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs Tracked: 1,604
Critical: 225
New This Week: 79
In CISA KEV: 16
Latest AI Security Threats
Showing 8 of 8 results (Critical severity, KEV only)

| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| CRIT | CVE-2026-33017 | langflow: Code Injection enables RCE | 9.8 | 41.2% | langflow | Mar 20 |
| CRIT | CVE-2026-21858 | n8n: Input Validation flaw enables exploitation | 10.0 | 6.6% | n8n | Jan 8 |
| CRIT | CVE-2025-62593 | ray: Code Injection enables RCE | — | 0.0% | ray | Nov 26 |
| CRIT | CVE-2025-3248 | Langflow: Unauth RCE via code injection endpoint | 9.8 | 91.8% | langflow | Apr 7 |
| CRIT | CVE-2023-48022 | Ray: unauthenticated RCE via job submission API | 9.8 | 92.2% | ray | Nov 28 |
| CRIT | CVE-2023-44467 | LangChain: RCE bypass via `__import__` in PAL chain | 9.8 | 0.1% | langchain_experimental | Oct 9 |
| CRIT | CVE-2023-43654 | TorchServe: SSRF + RCE via unrestricted model URL loading | 9.8 | 91.6% | torchserve | Sep 28 |
| CRIT | CVE-2023-1177 | MLflow: path traversal allows arbitrary file read/write | 9.8 | 93.3% | mlflow | Mar 24 |