AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
1,604 AI/ML CVEs tracked
225 Critical
76 New this week
16 In CISA KEV
Latest AI Security Threats
Showing 20 of 684 results (filtered to High severity)

| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| HIGH E | CVE-2026-41277 | Flowise: mass assignment enables cross-workspace IDOR | 8.8 | 0.1% | flowise | Apr 23 |
| HIGH E | CVE-2026-41275 | Flowise: HTTP password reset link allows MITM takeover | 7.5 | 0.0% | flowise | Apr 23 |
| HIGH E | CVE-2026-41273 | Flowise: auth bypass exposes OAuth 2.0 tokens | 8.2 | 0.1% | flowise | Apr 23 |
| HIGH E | CVE-2026-41272 | Flowise: SSRF bypass via DNS rebinding exposes internal networks | 7.1 | 0.0% | flowise | Apr 23 |
| HIGH E | CVE-2026-41271 | Flowise: SSRF via prompt template injection in API Chain | 8.3 | 0.1% | flowise | Apr 23 |
| HIGH E | CVE-2026-41270 | Flowise: SSRF bypass exposes cloud metadata services | 8.3 | 0.0% | flowise | Apr 23 |
| HIGH E | CVE-2026-41269 | Flowise: unrestricted file upload enables persistent RCE | 8.8 | 0.1% | flowise | Apr 23 |
| HIGH E | CVE-2026-41266 | Flowise: unauthenticated API key exposure via chatbot config | 7.5 | 0.0% | flowise | Apr 23 |
| HIGH E | CVE-2026-41138 | Flowise: RCE via unsanitized input in AirtableAgent | 8.8 | 0.3% | flowise | Apr 23 |
| HIGH E | CVE-2026-41137 | Flowise: RCE via CSVAgent unsanitized code injection | 8.8 | 0.3% | flowise | Apr 23 |
| HIGH | GHSA-2r2p-4cgf-hv7h | engramx: CSRF injects persistent prompts into AI agents | — | — | — | Apr 22 |
| HIGH | CVE-2026-6859 | InstructLab: RCE via hardcoded trust_remote_code flag | 8.8 | 0.1% | — | Apr 22 |
| HIGH | CVE-2026-39861 | Claude Code: sandbox escape via symlink allows arbitrary write | — | 0.2% | @anthropic-ai/claude-code | Apr 21 |
| HIGH E | CVE-2026-6596 | Langflow: unauthenticated file upload allows RCE | 7.3 | 0.1% | langflow-base | Apr 20 |
| HIGH | GHSA-mr34-9552-qr95 | openclaw: path traversal leaks files and NTLM credentials | — | — | openclaw | Apr 17 |
| HIGH | GHSA-2gvc-4f3c-2855 | OpenClaw: auth bypass lets DM senders run room commands | — | — | openclaw | Apr 17 |
| HIGH | GHSA-xmxx-7p24-h892 | OpenClaw: stale bearer token survives SecretRef rotation | — | — | openclaw | Apr 17 |
| HIGH | GHSA-rg3h-x3jw-7jm5 | PraisonAI: SQL injection across 9 DB backends | 8.1 | — | praisonaiagents | Apr 17 |
| HIGH | GHSA-66r7-m7xm-v49h | openclaw: path traversal exposes host files via media tags | — | — | openclaw | Apr 17 |
| HIGH | GHSA-2cq5-mf3v-mx44 | openclaw: exec approval bypass via opaque multi-call binaries | — | — | openclaw | Apr 17 |