AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

AI/ML CVEs Tracked: 1,625
Critical: 226
New This Week: 95
In CISA KEV: 16

Latest AI Security Threats

Showing 20 of 1625 results
| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
| --- | --- | --- | --- | --- | --- | --- |
| CRIT | CVE-2026-33749 | n8n: stored XSS enables credential theft via workflow | 9.0 | 0.0% | n8n | Mar 25 |
| HIGH | CVE-2026-33724 | n8n: SSH MitM enables malicious workflow injection | 7.4 | 0.0% | n8n | Mar 25 |
| MEDI | CVE-2026-33722 | n8n: secrets vault bypass exposes credentials to low-priv users | 5.3 | 0.0% | n8n | Mar 25 |
| MEDI | CVE-2026-33720 | n8n: OAuth state forgery hijacks user credentials | 4.2 | 0.0% | n8n | Mar 25 |
| HIGH | CVE-2026-33713 | n8n: SQLi in Data Table node, full DB compromise | 8.8 | 0.0% | n8n | Mar 25 |
| HIGH | CVE-2026-33696 | n8n: Prototype pollution enables RCE via workflow nodes | 8.8 | 0.2% | n8n | Mar 25 |
| HIGH | CVE-2026-33665 | n8n: LDAP email match enables permanent account takeover | 8.2 | 0.0% | n8n | Mar 25 |
| CRIT | CVE-2026-33663 | n8n: member role steals plaintext HTTP credentials | 10.0 | 0.0% | n8n | Mar 25 |
| CRIT | CVE-2026-33660 | TensorFlow: type confusion NPD in tensor conversion | 10.0 | 0.1% | n8n | Mar 25 |
| MEDI | CVE-2026-27496 | n8n: uninitialized buffer leaks secrets via Task Runner | 6.5 | 0.0% | n8n | Mar 25 |
| CRIT | GHSA-5mg7-485q-xm76 | litellm: supply chain attack harvests AI API credentials | | | litellm | Mar 25 |
| CRIT | CVE-2025-33244 | NVIDIA: Deserialization enables RCE | 9.0 | 0.1% | | Mar 24 |
| UNKN E | CVE-2026-33401 | Wallos: SSRF allows internal network access | | 0.0% | | Mar 24 |
| HIGH E | CVE-2026-33497 | langflow: Path Traversal enables file access | 7.5 | 0.0% | langflow | Mar 24 |
| HIGH E | CVE-2026-33484 | langflow: Access Control bypass enables privilege escalation | 7.5 | 0.0% | langflow | Mar 24 |
| CRIT E | CVE-2026-33475 | langflow: security flaw enables exploitation | 9.1 | 0.1% | langflow | Mar 24 |
| CRIT E | CVE-2026-33309 | langflow: Path Traversal enables file access | 9.9 | 0.0% | langflow | Mar 24 |
| MEDI E | CVE-2026-30886 | AI component: IDOR enables unauthorized data access | 6.5 | 0.0% | | Mar 23 |
| MEDI E | CVE-2026-4538 | AI component: Input Validation flaw enables exploitation | 5.3 | 0.0% | | Mar 22 |
| HIGH | CVE-2026-33053 | langflow: IDOR enables unauthorized data access | 8.8 | 0.0% | langflow | Mar 20 |

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
