AI Threat Alert
AI Security Threat Feed
Latest CVEs affecting AI/ML systems — LLM frameworks, ML libraries, AI agents, vector databases, and inference servers. Vulnerabilities are tracked from NVD, GitHub Advisory, CISA KEV, MITRE ATLAS, and enriched with CVSS, EPSS, exploitation confidence, AI-component classification, and compliance mappings to ISO 42001, EU AI Act, NIST AI RMF, and OWASP LLM Top 10. Updated continuously as new CVEs are published.
- CVSS severity
- EPSS exploit probability
- Exploitation confidence
- AI-component classification
- Compliance mappings
AI/ML CVEs Tracked
Critical
New This Week
In CISA KEV
Latest AI Security Threats
Showing 20 of 826 results — has patch GHSA-h43v-27wg-5mf9 OpenClaw: pre-auth signature bypass enables pairing DoS — — openclaw Apr 7 MEDI GHSA-wpc6-37g7-8q4w OpenClaw: exec allowlist bypass via shell init-file options — — openclaw Apr 7 MEDI GHSA-42mx-vp8m-j7qh openclaw: sandbox escape via mirror mode hook execution — — openclaw Apr 7 LOW GHSA-767m-xrhc-fxm7 openclaw: operator.write escalates to admin Telegram config + cron — — openclaw Apr 7 MEDI GHSA-fwjq-xwfj-gv75 openclaw: auth bypass exposes agent session visibility — — openclaw Apr 7 MEDI GHSA-3q42-xmxv-9vfr openclaw: privilege escalation to admin voice config persistence — — openclaw Apr 7 HIGH GHSA-vfw7-6rhc-6xxg openclaw: env var injection via workspace config — — openclaw Apr 7 MEDI GHSA-vjx8-8p7h-82gr openclaw: SSRF in marketplace plugin download — — openclaw Apr 7 MEDI GHSA-4g5x-2jfc-xm98 openclaw: media download bypass exhausts disk storage — — openclaw Apr 7 MEDI GHSA-h2v7-xc88-xx8c openclaw: operator scope bypass in phone arm/disarm cmds — — openclaw Apr 7 MEDI E CVE-2026-33866 MLflow: auth bypass exposes model artifacts across experiments 4.3 0.4% mlflow Apr 7 MEDI E CVE-2026-33865 MLflow: stored XSS via MLmodel YAML artifact upload — 0.2% mlflow Apr 7 MEDI E CVE-2026-1839 HuggingFace Transformers: RCE via malicious checkpoint load 6.5 0.3% transformers Apr 7 CRIT E CVE-2026-35615 PraisonAI: path traversal exposes full filesystem via agent tools — 0.4% PraisonAI Apr 6 HIGH E CVE-2026-39308 PraisonAI: recipe registry path traversal file write 7.1 0.3% PraisonAI Apr 6 HIGH E CVE-2026-39306 PraisonAI: recipe path traversal allows arbitrary file write 7.3 0.3% PraisonAI Apr 6 CRIT E CVE-2026-39305 PraisonAI: path traversal enables arbitrary file write/RCE 9.0 0.3% PraisonAI Apr 6 HIGH E CVE-2026-39307 PraisonAI: Zip Slip enables arbitrary file write / RCE 8.1 0.3% PraisonAI Apr 6 MEDI CVE-2026-34425 OpenClaw: script preflight bypass enables unsafe exec — 0.3% openclaw Apr 6 MEDI CVE-2026-35492 kedro-datasets: path traversal enables arbitrary file write 6.5 0.4% kedro-datasets Apr 6 Frequently asked questions
What is an AI security threat feed?
An AI security threat feed is a continuously updated stream of vulnerabilities (CVEs) affecting AI and machine-learning systems — LLM frameworks, ML libraries, AI agents, vector databases, and inference servers — filtered out of the broader CVE firehose and enriched for relevance.
Which sources are the AI CVEs tracked from?
CVEs are tracked from NVD, GitHub Advisory, CISA KEV, and MITRE ATLAS, then enriched with CVSS, EPSS, exploitation confidence, AI-component classification, and compliance mappings.
What AI systems do these vulnerabilities affect?
Coverage spans LLM frameworks, ML libraries, AI agents, vector databases, and inference servers — the components most security teams now run in production.
How often is the AI threat feed updated?
The feed updates continuously as new CVEs are published and enriched, so the most recent AI/ML vulnerabilities appear at the top.
Is the AI security feed free?
Yes — the public feed is free to browse. A Pro subscription adds breaking alerts, MITRE ATLAS mappings, compliance reports (ISO 42001, EU AI Act), and full CISO analysis.
Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
Start 14-Day Free Trial