AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

78

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 225 results — Critical severity
CRITICAL

PraisonAI: auth bypass enables browser session hijack

GHSA-8x8f-54wf-vv92
9.1
Auth Bypass Data Extraction Code Execution Agent Plugin
PraisonAI Patch: 4.5.139 CWE-306 1 5 ATLAS
CRITICAL

PraisonAI: RCE via malicious workflow YAML execution

GHSA-vc46-vw85-3wvm
9.8
Code Execution Supply Chain Agent Framework
PraisonAI Patch: 4.5.139 CWE-78 1 6 ATLAS
CRITICAL EXPLOIT AVAIL

PraisonAI: path traversal allows arbitrary file write via recipe unpack

CVE-2026-40157
--
EPSS 0.1%
Supply Chain Code Execution Agent Framework
PraisonAI Patch: 4.5.128 CWE-22 1 3 ATLAS
CRITICAL EXPLOIT AVAIL

PraisonAI: supply chain RCE via unverified template exec

CVE-2026-40154
9.3
EPSS 0.0%
Supply Chain Code Execution Agent Plugin Framework
PraisonAI Patch: 4.5.128 CWE-829 1 7 ATLAS
CRITICAL EXPLOIT AVAIL

lollms: Stored XSS enables wormable account takeover

CVE-2026-1115
9.6
EPSS 0.0%
Code Execution Auth Bypass Data Extraction Framework API
lollms Patch: 2.2.0 CWE-79 5 ATLAS
CRITICAL EXPLOIT AVAIL

PraisonAI: RCE via shell injection in memory hooks executor

CVE-2026-40111
--
EPSS 0.0%
Code Execution Prompt Injection Agent Framework
praisonaiagents Patch: 1.5.128 CWE-78 11 5 ATLAS
CRITICAL

PraisonAI: RCE via shell injection in agent workflows

GHSA-2763-cj5r-c79m
9.7
Code Execution Prompt Injection Supply Chain Agent Framework
PraisonAI Patch: 4.5.121 CWE-78 1 6 ATLAS
CRITICAL

Marimo: pre-auth RCE via terminal WebSocket

GHSA-2679-6mx9-h9xc
--
Auth Bypass Code Execution Framework
marimo Patch: 0.23.0 CWE-306 2.9K 5 ATLAS
CRITICAL

praisonaiagents: sandbox escape enables host RCE

CVE-2026-39888
10.0
EPSS 0.1%
Code Execution Auth Bypass Agent Framework
praisonaiagents Patch: 1.5.115 CWE-657 11 5 ATLAS
CRITICAL EXPLOIT AVAIL

PraisonAI: YAML deserialization enables unauthenticated RCE

CVE-2026-39890
9.8
EPSS 0.5%
Code Execution Supply Chain Agent Framework
praisonai Patch: 4.5.115 CWE-502 1 5 ATLAS
CRITICAL EXPLOIT AVAIL

PraisonAI: path traversal exposes full filesystem via agent tools

CVE-2026-35615
--
EPSS 0.1%
Data Extraction Code Execution Agent Framework
PraisonAI Patch: 1.5.113 CWE-22 1 5 ATLAS
CRITICAL EXPLOIT AVAIL

PraisonAI: path traversal enables arbitrary file write/RCE

CVE-2026-39305
9.0
EPSS 0.1%
Code Execution Prompt Injection Supply Chain Agent Framework
PraisonAI Patch: 4.5.113 1 5 ATLAS
CRITICAL EXPLOIT AVAIL

Claude Code: OS command injection, credential theft

CVE-2026-35022
9.8
EPSS 0.5%
Code Execution Data Extraction Supply Chain Agent API Framework
CWE-78 8 ATLAS
CRITICAL EXPLOIT AVAIL

Budibase: Unauthenticated RCE as root via webhook

CVE-2026-35216
9.1
EPSS 0.6%
Code Execution Auth Bypass Data Extraction Framework Agent
CWE-78 8 ATLAS
CRITICAL

LiteLLM: auth bypass via JWT cache key collision

CVE-2026-35030
9.1
EPSS 0.1%
Auth Bypass Data Extraction API Framework Inference
litellm Patch: 1.83.0 CWE-287 4 4 ATLAS
CRITICAL EXPLOIT AVAIL

MLflow: auth bypass in job API enables unauthenticated RCE

CVE-2026-0545
9.1
EPSS 5.5%
Auth Bypass Code Execution DoS Framework Training Data
mlflow CWE-306 624 5 ATLAS
CRITICAL EXPLOIT AVAIL

praisonaiagents: sandbox bypass enables full host RCE

CVE-2026-34938
10.0
EPSS 0.0%
Code Execution Prompt Injection Supply Chain Agent Framework Plugin
praisonaiagents Patch: 1.5.90 CWE-693 11 7 ATLAS
CRITICAL EXPLOIT AVAIL

MLflow: command injection via model_uri in mlserver mode

CVE-2026-0596
9.6
EPSS 0.2%
Code Execution Supply Chain Framework Inference
CWE-78 4 ATLAS 1 incident
CRITICAL

telnyx: PyPI supply chain attack steals cloud creds

GHSA-955r-262c-33jc
--
Supply Chain Code Execution Data Extraction Framework API Agent
CWE-506 7 ATLAS 2 incidents
CRITICAL EXPLOIT AVAIL

MLflow: RCE via unsanitized model dependency specs

CVE-2025-15379
10.0
EPSS 0.2%
Code Execution Supply Chain Framework
mlflow Patch: 3.8.1 CWE-77 624 4 ATLAS 1 incident

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial