AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

79

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 225 results — Critical severity
Severity CVE ID Summary CVSS EPSS Package Date
CRIT E CVE-2026-27966 langflow: Code Injection enables RCE 9.8 36.6% langflow Feb 26 CRIT CVE-2026-27577 n8n: Code Injection enables RCE 9.9 0.2% n8n Feb 25 CRIT CVE-2026-27495 n8n: Code Injection enables RCE 9.9 0.1% n8n Feb 25 CRIT CVE-2026-27494 n8n: security flaw enables exploitation 9.9 0.1% n8n Feb 25 CRIT CVE-2026-27493 n8n: Code Injection enables RCE 9.0 0.3% n8n Feb 25 CRIT CVE-2026-2635 mlflow: security flaw enables exploitation 9.8 1.1% mlflow Feb 20 CRIT CVE-2026-26030 semantic-kernel: Code Injection enables RCE 10.0 0.1% semantic-kernel Feb 19 CRIT E CVE-2026-2654 smolagents: SSRF allows internal network access 9.8 0.0% smolagents Feb 18 CRIT CVE-2026-25592 semantic-kernel: Path Traversal enables file access 9.9 0.1% semantic-kernel Feb 6 CRIT CVE-2026-25115 n8n: Protection Bypass circumvents security controls 9.9 0.1% n8n Feb 4 CRIT CVE-2026-25053 n8n: Command Injection enables RCE 9.9 0.0% n8n Feb 4 CRIT CVE-2026-25052 n8n: security flaw enables exploitation 9.9 0.0% n8n Feb 4 CRIT CVE-2026-25049 n8n: security flaw enables exploitation 9.9 0.0% n8n Feb 4 CRIT CVE-2026-22778 vllm: security flaw enables exploitation 9.8 0.1% vllm Feb 2 CRIT E CVE-2026-25481 langroid: Code Injection enables RCE 0.0% Feb 2 CRIT E CVE-2026-25130 cai-framework: Command Injection enables RCE 9.7 0.0% Jan 30 CRIT E CVE-2026-1470 n8n: Code Injection enables RCE 9.9 1.9% n8n Jan 27 CRIT E CVE-2025-13374 Kalrav: Arbitrary File Upload enables RCE 9.8 0.1% Jan 24 CRIT CVE-2026-22807 vllm: Code Injection enables RCE 9.8 0.0% vllm Jan 21 CRIT E CVE-2026-0863 n8n: Code Injection enables RCE 9.9 0.0% n8n Jan 18

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial