AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

77

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited

Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 512 results — has patch

openclaw: SSRF policy bypass in CDP browser profile creation

GHSA-j4c5-89f5-f3pm

Auth Bypass Data Extraction Agent

openclaw Patch: 2026.4.20 CWE-918 4 4 ATLAS 1 incident

OpenClaw: auth bypass enables cross-device session hijack

GHSA-xrq9-jm7v-g9h7

Auth Bypass Agent

openclaw Patch: 2026.4.20 CWE-284 4 4 ATLAS 1 incident

openclaw: SSRF in QQBot media upload bypasses validation

GHSA-c4qg-j8jg-42q5

Supply Chain Data Extraction Agent Plugin

openclaw Patch: 2026.4.20 CWE-918 4 3 ATLAS 1 incident

openclaw: env var injection via MCP stdio config

GHSA-mj59-h3q9-ghfh

Supply Chain Code Execution Agent Plugin

openclaw Patch: 2026.4.20 CWE-427 4 5 ATLAS 1 incident

openclaw: trust-label bypass amplifies prompt injection

GHSA-57r2-h2wj-g887

Prompt Injection Auth Bypass Agent Framework

openclaw Patch: 2026.4.20 CWE-345 4 4 ATLAS 1 incident

openclaw: env namespace injection steers agent runtime

GHSA-hxvm-xjvf-93f3

Supply Chain Code Execution Agent Plugin

openclaw Patch: 2026.4.20 CWE-184 4 4 ATLAS 1 incident

openclaw: DM policy bypass via Feishu card-action callbacks

GHSA-72q8-jcmc-97wx

Auth Bypass Agent Plugin

openclaw Patch: 2026.4.20 CWE-863 4 3 ATLAS 1 incident

OpenClaw: auth scope bypass exposes assistant-media files

GHSA-v8qf-fr4g-28p2

Auth Bypass Data Extraction Agent API

openclaw Patch: 2026.4.20 CWE-863 4 4 ATLAS 1 incident

openclaw: session key auth bypass in webhook routing

GHSA-2xcp-x87w-q377

Auth Bypass Agent Framework

openclaw Patch: 2026.4.20 CWE-639 4 3 ATLAS 1 incident

n8n-mcp: credential exposure via HTTP transport logging

GHSA-wg4g-395p-mqv3

Data Leakage Privacy Violation Agent Plugin

n8n-mcp Patch: 2.47.13 CWE-532 16 4 ATLAS

litellm: RCE via MCP test endpoints privilege bypass

GHSA-v4p8-mg3p-g94g

Auth Bypass Code Execution API Inference

litellm Patch: 1.83.7 CWE-78 4 5 ATLAS

Claude Code: git worktree trust bypass executes hooks

CVE-2026-40068

Auth Bypass Code Execution Supply Chain Agent Framework Plugin

@anthropic-ai/claude-code Patch: 2.1.84 CWE-20 5 ATLAS

litellm: SQLi exposes all managed LLM API credentials

GHSA-r75f-5x8p-qvmc

Auth Bypass Data Extraction Inference API

litellm Patch: 1.83.7 CWE-89 4 5 ATLAS

Ray: Parquet RCE via Arrow extension deserialization

CVE-2026-41486

Code Execution Supply Chain Framework Training Data

ray Patch: 2.55.0 CWE-94 847 5 ATLAS

LiteLLM: RCE via unsandboxed prompt template rendering

GHSA-xqmj-j6mv-4862

Code Execution Data Extraction Inference API

litellm Patch: 1.83.7 CWE-1336 4 5 ATLAS

n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Requests

CVE-2026-41495

n8n-mcp Patch: 2.47.11 CWE-532 16

CRITICAL EXPLOIT AVAIL

Flowise: CSV Agent Prompt Injection Remote Code Execution Vulnerability

CVE-2026-41264

flowise-components Patch: 3.1.0 CWE-184

nbconvert has an Arbitrary File Read via Path Traversal in HTMLExporter Image Embedding

CVE-2026-39378

nbconvert Patch: 7.17.1 CWE-22 2.9K

nbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment Filenames

CVE-2026-39377

nbconvert Patch: 7.17.1 CWE-22 2.9K

Claude Code is an agentic coding tool. Prior to version 2.1.64, Claude Code's sandbox did not prevent sandboxed processes from creating symlinks pointing to...

CVE-2026-39861

@anthropic-ai/claude-code Patch: 2.1.64 CWE-22

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial