AI Threat Alert
AI Security Threat Feed
Latest CVEs affecting AI/ML systems — LLM frameworks, ML libraries, AI agents, vector databases, and inference servers. Vulnerabilities are tracked from NVD, GitHub Advisory, CISA KEV, MITRE ATLAS, and enriched with CVSS, EPSS, exploitation confidence, AI-component classification, and compliance mappings to ISO 42001, EU AI Act, NIST AI RMF, and OWASP LLM Top 10. Updated continuously as new CVEs are published.
- CVSS severity
- EPSS exploit probability
- Exploitation confidence
- AI-component classification
- Compliance mappings
AI/ML CVEs Tracked
Critical
New This Week
In CISA KEV
Latest AI Security Threats
Showing 20 of 851 results — Medium severity GHSA-5hff-46vh-rxmw OpenClaw: read-only scope bypass kills agent sessions — — openclaw Apr 7 MEDI GHSA-4p4f-fc8q-84m3 openclaw: iOS bridge bypass enables unauthorized agent runs — — openclaw Apr 7 MEDI GHSA-846p-hgpv-vphc OpenClaw: path traversal → host file exfiltration via QQ Bot — — openclaw Apr 7 MEDI GHSA-m34q-h93w-vg5x openclaw: path traversal enables remote dir overwrite — — openclaw Apr 7 MEDI GHSA-wwfp-w96m-c6x8 OpenClaw: pairing DoS blocks account onboarding — — openclaw Apr 7 MEDI GHSA-h43v-27wg-5mf9 OpenClaw: pre-auth signature bypass enables pairing DoS — — openclaw Apr 7 MEDI GHSA-wpc6-37g7-8q4w OpenClaw: exec allowlist bypass via shell init-file options — — openclaw Apr 7 MEDI GHSA-42mx-vp8m-j7qh openclaw: sandbox escape via mirror mode hook execution — — openclaw Apr 7 MEDI GHSA-fwjq-xwfj-gv75 openclaw: auth bypass exposes agent session visibility — — openclaw Apr 7 MEDI GHSA-3q42-xmxv-9vfr openclaw: privilege escalation to admin voice config persistence — — openclaw Apr 7 MEDI GHSA-vjx8-8p7h-82gr openclaw: SSRF in marketplace plugin download — — openclaw Apr 7 MEDI GHSA-4g5x-2jfc-xm98 openclaw: media download bypass exhausts disk storage — — openclaw Apr 7 MEDI GHSA-h2v7-xc88-xx8c openclaw: operator scope bypass in phone arm/disarm cmds — — openclaw Apr 7 MEDI E CVE-2026-33866 MLflow: auth bypass exposes model artifacts across experiments 4.3 0.4% mlflow Apr 7 MEDI E CVE-2026-33865 MLflow: stored XSS via MLmodel YAML artifact upload — 0.2% mlflow Apr 7 MEDI E CVE-2026-1839 HuggingFace Transformers: RCE via malicious checkpoint load 6.5 0.3% transformers Apr 7 MEDI CVE-2026-34425 OpenClaw: script preflight bypass enables unsafe exec — 0.3% openclaw Apr 6 MEDI CVE-2026-35492 kedro-datasets: path traversal enables arbitrary file write 6.5 0.4% kedro-datasets Apr 6 MEDI CVE-2026-5530 Ollama: SSRF in Model Pull API enables network pivot 6.3 0.3% — Apr 5 MEDI GHSA-mvv8-v4jj-g47j Directus: cleartext storage exposes AI API keys 6.5 — — Apr 4 Frequently asked questions
What is an AI security threat feed?
An AI security threat feed is a continuously updated stream of vulnerabilities (CVEs) affecting AI and machine-learning systems — LLM frameworks, ML libraries, AI agents, vector databases, and inference servers — filtered out of the broader CVE firehose and enriched for relevance.
Which sources are the AI CVEs tracked from?
CVEs are tracked from NVD, GitHub Advisory, CISA KEV, and MITRE ATLAS, then enriched with CVSS, EPSS, exploitation confidence, AI-component classification, and compliance mappings.
What AI systems do these vulnerabilities affect?
Coverage spans LLM frameworks, ML libraries, AI agents, vector databases, and inference servers — the components most security teams now run in production.
How often is the AI threat feed updated?
The feed updates continuously as new CVEs are published and enriched, so the most recent AI/ML vulnerabilities appear at the top.
Is the AI security feed free?
Yes — the public feed is free to browse. A Pro subscription adds breaking alerts, MITRE ATLAS mappings, compliance reports (ISO 42001, EU AI Act), and full CISO analysis.
Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
Start 14-Day Free Trial