AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

AI/ML CVEs tracked: 1,604
Critical: 225
New this week: 79
In CISA KEV: 16

Latest AI Security Threats

Showing 20 of 225 results — Critical severity
n8n: Code Injection enables RCE
CVE-2026-21877 | CVSS 9.9 | EPSS 14.1% | Flags: Critical, Scanner
Tags: Code Execution, Auth Bypass, Supply Chain, Agent, Framework, Plugin
n8n | CWE-94 | 16 9 | ATLAS

n8n: Input Validation flaw enables exploitation
CVE-2026-21858 | CVSS 10.0 | EPSS 6.6% | Flags: Critical, KEV, Scanner
Tags: Data Extraction, Code Execution, Auth Bypass, Agent, Framework, API
n8n | 16 6 | ATLAS

langflow: Missing Auth allows unauthenticated access
CVE-2026-21445 | CVSS 9.1 | EPSS 11.0% | Flags: Critical, Exploit available, Scanner
Tags: Auth Bypass, Data Extraction, Privacy Violation, Framework, Agent, API
langflow | CWE-306 | 7 | ATLAS

n8n: Protection Bypass circumvents security controls
CVE-2025-68668 | CVSS 9.9 | EPSS 0.1% | Flags: Critical, Exploit available
Tags: Code Execution, Auth Bypass, Agent, Framework, Plugin
n8n | 16 6 | ATLAS

langchain.js: Deserialization enables RCE
CVE-2025-68665 | CVSS 9.1 | EPSS 0.1% | Flags: Critical, Exploit available
Tags: Supply Chain, Code Execution, Data Extraction, Framework, Agent
langchain.js | 2.6K 5 | ATLAS

Hugging Face smolagents: Unsafe deserialization in Remote Python Executor leads to RCE
CVE-2025-14931 | CVSS 10.0 | EPSS 4.6% | Flags: Critical
smolagents | CWE-502 | 86

ollama: Missing Auth allows unauthenticated access
CVE-2025-63389 | CVSS 9.8 | EPSS 0.2% | Flags: Critical
Tags: Auth Bypass, Data Extraction, Supply Chain, Inference, API, Model
ollama | 1.4K 9 | ATLAS

cai-framework: Command Injection enables RCE
CVE-2025-67511 | CVSS 9.6 | EPSS 0.1% | Flags: Critical, Exploit available
Tags: Code Execution, Prompt Injection, Agent, Framework
CWE-77 | 7 | ATLAS

ray: security flaw enables exploitation
CVE-2025-34351 | CVSS -- | EPSS 0.5% | Flags: Critical
Tags: Auth Bypass, Code Execution, Model Poisoning, Framework, Training Data, Inference
ray | CWE-304 | 845 8 | ATLAS

ray: Code Injection enables RCE
CVE-2025-62593 | CVSS -- | EPSS 0.0% | Flags: Critical, KEV
Tags: Code Execution, Auth Bypass, Social Engineering, Framework
ray | Patch: 2.52.0 | CWE-94 | 845 8 | ATLAS

mlx: security flaw enables exploitation
CVE-2025-62608 | CVSS 9.1 | EPSS 0.1% | Flags: Critical, Exploit available
Tags: Supply Chain, Code Execution, Data Extraction, Framework, Training Data
mlx | CWE-122 | 283 6 | ATLAS

keras: Path Traversal enables file access
CVE-2025-12060 | CVSS 9.8 | EPSS 0.1% | Flags: Critical, Exploit available
Tags: Supply Chain, Code Execution, Framework, Training Data
keras | Patch: 3.12.0 | CWE-22 | 1.5K 4 | ATLAS

mlflow: Path Traversal enables file access
CVE-2025-11201 | CVSS 9.8 | EPSS 9.8% | Flags: Critical, Exploit available
Tags: Code Execution, Auth Bypass, Framework
mlflow | CWE-22 | 624 6 | ATLAS

mlflow: security flaw enables exploitation
CVE-2025-11200 | CVSS 9.8 | EPSS 0.2% | Flags: Critical
Tags: Auth Bypass, Data Extraction, Supply Chain, Framework, Model, Training Data
mlflow | CWE-521 | 624 6 | ATLAS

keras: Deserialization enables RCE
CVE-2025-49655 | CVSS 9.8 | EPSS 0.1% | Flags: Critical, Exploit available
Tags: Code Execution, Supply Chain, Framework, Model
keras | Patch: 3.11.3 | CWE-502 | 1.5K 5 | ATLAS

scio/PyTorch: torch.load weights_only bypass RCE
GHSA-m9mp-6x32-5rhg | CVSS -- | Flags: Critical
Tags: Supply Chain, Code Execution, Framework, Model
CWE-502 | 4 | ATLAS

Flowise: path traversal in file tools leads to RCE
CVE-2025-61913 | CVSS 9.9 | EPSS 0.8% | Flags: Critical, Exploit available
Tags: Code Execution, Data Extraction, Auth Bypass, Agent, Plugin, Framework
flowise | 6 | ATLAS

Flowise: Unauthenticated RCE via MCP config injection
CVE-2025-59528 | CVSS 10.0 | EPSS 83.9% | Flags: Critical, Exploit available
Tags: Code Execution, Supply Chain, Agent, Framework, Plugin
flowise | 5 | ATLAS

Flowise Cloud: cross-tenant env var exposure leaks API keys
CVE-2025-59434 | CVSS 9.6 | EPSS 0.1% | Flags: Critical, Exploit available
Tags: Data Extraction, Auth Bypass, Privacy Violation, Framework, API, Agent
6 | ATLAS

Flowise: auth bypass in reset flow allows full ATO
CVE-2025-58434 | CVSS 9.8 | EPSS 21.0% | Flags: Critical, Exploit available, Scanner
Tags: Auth Bypass, Data Extraction, Agent, Framework
flowise | 5 | ATLAS
