AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
1,625 AI/ML CVEs Tracked
226 Critical
87 New This Week
16 In CISA KEV
Latest AI Security Threats
Showing 20 of 1625 results

| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
| --- | --- | --- | --- | --- | --- | --- |
| CRITICAL | GHSA-vc46-vw85-3wvm | PraisonAI: RCE via malicious workflow YAML execution | 9.8 | — | PraisonAI | Apr 10 |
| HIGH | GHSA-g985-wjh9-qxxc | PraisonAI: untrusted tools.py import enables RCE | 8.4 | — | PraisonAI | Apr 10 |
| MEDIUM | GHSA-x783-xp3g-mqhp | PraisonAI: SQL injection via table_prefix exposes DB | — | — | PraisonAI | Apr 10 |
| HIGH | E CVE-2026-40114 | PraisonAI: unauthenticated SSRF via unvalidated webhook_url | 7.2 | 0.0% | PraisonAI | Apr 10 |
| MEDIUM | GHSA-ffp3-3562-8cv3 | PraisonAI: tool approval bypass leaks env credentials | 5.5 | — | praisonaiagents | Apr 10 |
| HIGH | E CVE-2026-40160 | praisonaiagents: SSRF in web_crawl exposes cloud metadata | — | 0.0% | praisonaiagents | Apr 10 |
| HIGH | GHSA-x462-jjpc-q4q4 | praisonaiagents: CORS bypass enables silent agent RCE | 8.1 | — | praisonaiagents | Apr 10 |
| MEDIUM | E CVE-2026-40159 | PraisonAI: MCP env inheritance exposes API keys | 5.5 | 0.0% | PraisonAI | Apr 10 |
| CRITICAL | E CVE-2026-40157 | PraisonAI: path traversal allows arbitrary file write via recipe unpack | — | 0.1% | PraisonAI | Apr 10 |
| HIGH | E CVE-2026-40156 | PraisonAI: auto tools.py load enables local RCE | 7.8 | 0.0% | praisonai | Apr 10 |
| MEDIUM | E CVE-2026-40148 | PraisonAI: decompression bomb causes disk exhaustion | 6.5 | 0.0% | PraisonAI | Apr 10 |
| CRITICAL | E CVE-2026-40154 | PraisonAI: supply chain RCE via unverified template exec | 9.3 | 0.0% | PraisonAI | Apr 10 |
| HIGH | GHSA-qwgj-rrpj-75xm | PraisonAI: hardcoded approval bypass enables RCE | 8.8 | — | PraisonAI | Apr 10 |
| HIGH | E CVE-2026-40158 | PraisonAI: AST sandbox bypass enables host RCE | 8.6 | 0.0% | PraisonAI | Apr 10 |
| MEDIUM | E CVE-2026-40152 | praisonaiagents: glob traversal leaks filesystem metadata | 5.3 | 0.1% | praisonaiagents | Apr 10 |
| HIGH | E CVE-2026-40153 | praisonaiagents: env var expansion exposes production secrets | 7.4 | 0.0% | praisonaiagents | Apr 10 |
| MEDIUM | E CVE-2026-40151 | PraisonAI: unauthenticated agent config and system prompt disclosure | 5.3 | 0.0% | PraisonAI | Apr 10 |
| HIGH | E CVE-2026-40149 | PraisonAI: auth bypass disables agent safety controls | 7.9 | 0.0% | PraisonAI | Apr 10 |
| MEDIUM | E CVE-2026-40115 | PraisonAI: unbounded body read enables local DoS | 6.2 | 0.1% | PraisonAI | Apr 10 |
| MEDIUM | CVE-2026-35651 | OpenClaw: ANSI injection spoofs AI agent approval prompts | 4.3 | 0.0% | openclaw | Apr 10 |

Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.