AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

76

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 512 results — has patch
Severity CVE ID Summary CVSS EPSS Package Date
HIGH CVE-2026-35629 openclaw: SSRF in channel extensions hits internal network 0.0% openclaw Mar 29 MEDI CVE-2026-35657 openclaw: auth bypass exposes agent session history via HTTP 0.0% openclaw Mar 29 UNKN CVE-2026-34046 Langflow: IDOR exposes flows and plaintext API keys 0.0% langflow Mar 27 UNKN CVE-2026-33873 Langflow: server-side RCE via LLM-generated code exec 0.0% langflow Mar 27 HIGH E CVE-2026-34070 langchain-core: path traversal exposes host secrets via prompt config 7.5 0.0% langchain-core Mar 27 MEDI GHSA-364x-8g5j-x2pr n8n: stored XSS via malicious OAuth2 Authorization URL 5.4 n8n Mar 27 MEDI GHSA-3c7f-5hgj-h279 n8n: Stored XSS in Chat Trigger via CSS injection 5.4 n8n Mar 27 MEDI GHSA-w673-8fjw-457c n8n: stored XSS enables phishing via Form Node 4.1 n8n Mar 27 MEDI GHSA-q4fm-pjq6-m63g n8n: Stored XSS in Form Trigger enables phishing 5.4 n8n Mar 27 LOW E CVE-2026-29071 Open WebUI: IDOR exposes AI memories and private files 3.1 0.0% open-webui Mar 27 MEDI E CVE-2026-29070 open-webui: missing authz allows cross-KB file deletion 5.4 0.0% open-webui Mar 27 HIGH E CVE-2026-28788 Open WebUI: BOLA enables RAG poisoning via file overwrite 7.1 0.0% open-webui Mar 27 MEDI E CVE-2026-28786 Open WebUI: path traversal leaks server filesystem path 4.3 0.0% open-webui Mar 27 HIGH E CVE-2026-33744 BentoML: command injection in bentofile.yaml containerize 7.8 0.0% bentoml Mar 27 HIGH CVE-2026-27893 vLLM: trust_remote_code bypass enables RCE 8.8 0.0% vllm Mar 27 MEDI CVE-2026-33682 Streamlit: SSRF leaks NTLMv2 creds via UNC path 4.7 0.0% Streamlit Mar 26 MEDI CVE-2026-33751 n8n: LDAP injection enables auth bypass in workflows 4.8 0.0% n8n Mar 25 CRIT CVE-2026-33749 n8n: stored XSS enables credential theft via workflow 9.0 0.0% n8n Mar 25 HIGH CVE-2026-33724 n8n: SSH MitM enables malicious workflow injection 7.4 0.0% n8n Mar 25 MEDI CVE-2026-33722 n8n: secrets vault bypass exposes credentials to low-priv users 5.3 0.0% n8n Mar 25

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial