AI Threat Alert
AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs Tracked
Critical
New This Week
In CISA KEV
Latest AI Security Threats
Showing 20 of 512 results — has patchPraisonAI: arbitrary file read via unguarded skill tool
CVE-2026-40117 PraisonAI: RCE via shell injection in memory hooks executor
CVE-2026-40111 openclaw: git env var injection enables host redirect
GHSA-cm8v-2vh9-cxf3 openclaw: base64 pre-alloc bypass causes resource exhaustion
GHSA-ccx3-fw7q-rr2r openclaw: no integrity check on ClawHub plugin installs
GHSA-3vvq-q2qc-7rmp OpenClaw: unsafe body replay on cross-origin redirect
GHSA-qx8j-g322-qj6m openclaw: env var injection enables host exec hijacking
GHSA-w9j9-w4cp-6wgr OpenClaw: SSRF bypass via Playwright redirect handling
GHSA-w8g9-x8gx-crmm OpenClaw: gateway auth expands read to write privilege
GHSA-4f8g-77mw-3rxc OpenClaw: SSRF bypass via interaction-triggered navigation
GHSA-vr5g-mmx7-h897 OpenClaw: scope misconfiguration enables unauthorized node pairing
GHSA-67mf-f936-ppxf OpenClaw: local file read bypasses workspace policy
GHSA-5fc7-f62m-8983 openclaw: SSRF bypass in QQ Bot media fetch paths
GHSA-3fv3-6p2v-gxwj openclaw: WS sessions persist after gateway token rotation
GHSA-5h3f-885m-v22w OpenClaw: auth rate-limit bypass via async race condition
GHSA-25wv-8phj-8p7r openclaw: auth bypass enables exec escalation on reconnect
GHSA-5wj5-87vq-39xm OpenClaw: cross-channel allowlist write bypass
GHSA-vc32-h5mq-453v OpenClaw: stale auth closure bypasses gateway access control
GHSA-68x5-xx89-w9mm OpenClaw: auth bypass enables persistent browser profile mutation
GHSA-cmfr-9m2r-xwhq OpenClaw: token rotation bypasses role approval
GHSA-whf9-3hcx-gq54 Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
Start 14-Day Free Trial