AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs Tracked: 1,604
Critical: 225
New This Week: 76
In CISA KEV: 16
Latest AI Security Threats
Showing 20 of 512 results — has patch

| Severity | ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| Unknown | CVE-2026-41686 | @anthropic-ai/sdk: insecure file perms expose agent memory | — | 0.0% | @anthropic-ai/sdk | Apr 29 |
| High E | CVE-2026-41680 | marked: infinite recursion DoS crashes Node.js via OOM | 7.5 | 0.1% | marked | Apr 29 |
| Medium | GHSA-gfg9-5357-hv4c | openclaw: path traversal exposes host files via audio embed | — | — | openclaw | Apr 29 |
| Medium | GHSA-c28g-vh7m-fm7v | openclaw: auth bypass in owner command enforcement | — | — | openclaw | Apr 29 |
| Unknown | CVE-2026-42232 | n8n: XML Node prototype pollution → RCE | — | 0.1% | n8n | Apr 29 |
| Unknown | CVE-2026-42231 | n8n: prototype pollution → RCE via Git node SSH | — | 0.3% | n8n | Apr 29 |
| Unknown | CVE-2026-42235 | n8n: stored XSS via MCP OAuth steals agent sessions | — | 0.1% | n8n | Apr 29 |
| Unknown | CVE-2026-42226 | n8n: IDOR exposes cross-user API key exfiltration | — | 0.1% | n8n | Apr 29 |
| Unknown | CVE-2026-42234 | n8n: Python sandbox escape enables container RCE | — | 0.1% | n8n | Apr 29 |
| Unknown | CVE-2026-42227 | n8n: IDOR leaks cross-project variables via API key | — | 0.0% | n8n | Apr 29 |
| Unknown | CVE-2026-42236 | n8n: unauthenticated MCP endpoint causes memory DoS | — | 0.1% | n8n | Apr 29 |
| Unknown | CVE-2026-42228 | n8n: WebSocket auth bypass hijacks AI agent workflows | — | 0.1% | n8n | Apr 29 |
| Unknown | CVE-2026-42229 | n8n: SQL injection in SeaTable node leaks restricted rows | — | 0.0% | n8n | Apr 29 |
| Unknown | CVE-2026-42230 | n8n: MCP OAuth open redirect enables phishing | — | 0.0% | n8n | Apr 29 |
| Unknown | CVE-2026-42233 | n8n: SQL injection in Oracle node allows data exfiltration | — | 0.0% | n8n | Apr 29 |
| Unknown | CVE-2026-42237 | n8n: SQL injection in Snowflake/MySQL nodes bypasses fix | — | 0.0% | n8n | Apr 29 |
| Medium E | CVE-2026-7141 | vllm: uninitialized KV cache memory leaks inference data | 5.6 | 0.1% | vllm | Apr 27 |
| Medium | GHSA-7jm2-g593-4qrc | openclaw: config guard bypass, persistent settings mutation | — | — | openclaw | Apr 25 |
| Medium | GHSA-qrp5-gfw2-gxv4 | openclaw: tool policy bypass via bundled MCP/LSP tools | — | — | openclaw | Apr 25 |
| Medium | GHSA-h2vw-ph2c-jvwf | OpenClaw: env injection exposes MiniMax API key | — | — | openclaw | Apr 25 |
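The feed gives each advisory a CVSS score, an EPSS probability and a package name, and the dashboard counts KEV membership separately. The example below is added here and is not code from the feed or from any of the listed projects; it shows one way a consumer of such rows turns them into a prioritized patch list for the packages they actually run. Six rows are transcribed from the table with "—" treated as "not scored"; the dependency inventory, the `in_kev` flags (all False, since the table does not show per-row KEV membership), and the ranking order (KEV first, then EPSS, then CVSS) are assumptions.

```python
"""Prioritize advisory-feed rows against a dependency inventory.

Added example, not code from the feed. The Advisory rows in FEED are
transcribed from the table above, with '—' treated as "not scored".
INVENTORY, the in_kev flags (all False: the table does not show per-row
KEV membership) and the ranking policy in risk_key are assumptions.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set


@dataclass(frozen=True)
class Advisory:
    advisory_id: str
    package: str
    summary: str
    severity: str              # as displayed: "High", "Medium", "Unknown"
    cvss: Optional[float]      # None when the feed shows '—'
    epss: Optional[float]      # probability in [0, 1]; None when '—'
    in_kev: bool = False       # assumed False for every transcribed row


def parse_score(cell: str) -> Optional[float]:
    """Convert a table cell to a number: '7.5' -> 7.5, '0.3%' -> 0.003, '—' -> None."""
    cell = cell.strip()
    if cell in ("", "—", "-"):
        return None
    if cell.endswith("%"):
        return float(cell[:-1]) / 100.0
    return float(cell)


def row(advisory_id, package, summary, severity, cvss, epss) -> Advisory:
    """Build an Advisory from cells exactly as they appear in the table."""
    return Advisory(advisory_id, package, summary, severity,
                    parse_score(cvss), parse_score(epss))


# Constructed subset of the 20 rows shown in the table above.
FEED: List[Advisory] = [
    row("CVE-2026-41686", "@anthropic-ai/sdk",
        "insecure file perms expose agent memory", "Unknown", "—", "0.0%"),
    row("CVE-2026-41680", "marked",
        "infinite recursion DoS crashes Node.js via OOM", "High", "7.5", "0.1%"),
    row("GHSA-gfg9-5357-hv4c", "openclaw",
        "path traversal exposes host files via audio embed", "Medium", "—", "—"),
    row("CVE-2026-42232", "n8n",
        "XML Node prototype pollution → RCE", "Unknown", "—", "0.1%"),
    row("CVE-2026-42231", "n8n",
        "prototype pollution → RCE via Git node SSH", "Unknown", "—", "0.3%"),
    row("CVE-2026-7141", "vllm",
        "uninitialized KV cache memory leaks inference data", "Medium", "5.6", "0.1%"),
]

# Assumed dependency inventory (hypothetical; in practice the package names from an SBOM).
INVENTORY: Set[str] = {"n8n", "vllm", "marked"}


def risk_key(a: Advisory):
    """Ranking policy (assumed): KEV membership first, then EPSS, then CVSS.

    Unscored fields sort as 0 so they never outrank a scored row; see
    unscored() for the rows that need a human read instead."""
    return (a.in_kev, a.epss or 0.0, a.cvss or 0.0)


def triage(feed: List[Advisory], inventory: Set[str]) -> List[Advisory]:
    """Advisories whose package is in the inventory, highest risk first."""
    hits = [a for a in feed if a.package in inventory]
    return sorted(hits, key=risk_key, reverse=True)


def by_package(feed: List[Advisory]) -> Dict[str, int]:
    """Advisories per package, to spot a batch like the n8n rows above."""
    counts: Dict[str, int] = {}
    for a in feed:
        counts[a.package] = counts.get(a.package, 0) + 1
    return counts


def unscored(feed: List[Advisory]) -> List[str]:
    """IDs with neither CVSS nor EPSS: the sort order says nothing about these,
    so the summary has to be read rather than the rank trusted."""
    return [a.advisory_id for a in feed if a.cvss is None and a.epss is None]


if __name__ == "__main__":
    for a in triage(FEED, INVENTORY):
        print(f"{a.advisory_id:22} {a.package:10} kev={a.in_kev} "
              f"epss={a.epss} cvss={a.cvss}  {a.summary}")
    print("per package:", by_package(FEED))
    print("unscored:", unscored(FEED))
```

With the inventory above, the `@anthropic-ai/sdk` row drops out because the package is not deployed, the n8n row with EPSS 0.3% ranks first even though it carries no CVSS yet, and the openclaw GHSA entry with neither score is reported separately so that an empty score is not mistaken for a low one.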