AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

76

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 199 results — High severity, has patch
HIGH EXPLOIT AVAIL

Open WebUI: access control bypass leaks Tool Valve API keys

CVE-2026-34222
7.7
EPSS 0.0%
Auth Bypass Data Extraction Agent Plugin Framework
open-webui Patch: 0.8.11 CWE-285 5 ATLAS
HIGH

ONNX: property overwrite via crafted model file

CVE-2026-34445
8.6
EPSS 0.2%
Supply Chain DoS Code Execution Framework Model Inference
onnx Patch: 1.21.0 CWE-20 1.2K 5 ATLAS
HIGH

OpenClaw: .npmrc hijack enables RCE on plugin install

GHSA-m3mh-3mpg-37hw
8.6
Code Execution Supply Chain Framework Plugin Agent
openclaw Patch: 2026.3.24 CWE-426 4 4 ATLAS 3 incidents
HIGH

OpenClaw: sandbox escape via mediaUrl path traversal

GHSA-hr5v-j9h9-xjhg
7.7
Data Extraction Auth Bypass Agent Plugin Framework
openclaw Patch: 2026.3.24 CWE-22 4 5 ATLAS 2 incidents
HIGH

openclaw: SSRF in channel extensions hits internal network

CVE-2026-35629
--
EPSS 0.0%
Data Extraction Auth Bypass Supply Chain Agent Plugin
openclaw Patch: 2026.3.28 CWE-918 4 4 ATLAS 1 incident
HIGH EXPLOIT AVAIL

langchain-core: path traversal exposes host secrets via prompt config

CVE-2026-34070
7.5
EPSS 0.0%
Data Extraction Data Leakage Framework
langchain-core Patch: 1.2.22 CWE-22 4.4K 5 ATLAS
HIGH EXPLOIT AVAIL

Open WebUI: BOLA enables RAG poisoning via file overwrite

CVE-2026-28788
7.1
EPSS 0.0%
Auth Bypass Model Poisoning Prompt Injection RAG API Framework
open-webui Patch: 0.8.6 CWE-639 7 ATLAS
HIGH EXPLOIT AVAIL

BentoML: command injection in bentofile.yaml containerize

CVE-2026-33744
7.8
EPSS 0.0%
Code Execution Supply Chain Framework
bentoml Patch: 1.4.37 CWE-94 23 5 ATLAS
HIGH

vLLM: trust_remote_code bypass enables RCE

CVE-2026-27893
8.8
EPSS 0.0%
Code Execution Supply Chain Inference Framework Model
vllm Patch: 0.18.0 CWE-693 127 5 ATLAS
HIGH

n8n: SSH MitM enables malicious workflow injection

CVE-2026-33724
7.4
EPSS 0.0%
Supply Chain Auth Bypass Agent Framework
n8n Patch: 2.5.0 CWE-639 16 4 ATLAS
HIGH

n8n: SQLi in Data Table node, full DB compromise

CVE-2026-33713
8.8
EPSS 0.0%
Code Execution Data Extraction Data Leakage Agent Framework Plugin
n8n Patch: 1.123.26 CWE-89 16 6 ATLAS
HIGH

n8n: Prototype pollution enables RCE via workflow nodes

CVE-2026-33696
8.8
EPSS 0.2%
Code Execution Supply Chain Agent Framework Plugin
n8n Patch: 2.14.1 CWE-1321 16 7 ATLAS
HIGH

n8n: LDAP email match enables permanent account takeover

CVE-2026-33665
8.2
EPSS 0.0%
Auth Bypass Code Execution Data Extraction Agent Framework
n8n Patch: 2.4.0 CWE-287 16 5 ATLAS
HIGH EXPLOIT AVAIL

langflow: Path Traversal enables file access

CVE-2026-33497
7.5
EPSS 0.0%
Data Extraction Auth Bypass Framework Agent
langflow Patch: 1.7.1 CWE-22 5 ATLAS
HIGH EXPLOIT AVAIL

mlflow: Code Injection enables RCE

CVE-2025-14287
7.5
EPSS 0.3%
Supply Chain Model Poisoning Code Execution Framework Model
mlflow Patch: 3.8.0rc0 CWE-94 624 7 ATLAS
HIGH EXPLOIT AVAIL

Flowise: SSRF via HTTP Node exposes internal network

CVE-2026-31829
8.8
EPSS 0.1%
Data Extraction Auth Bypass Agent Framework
flowise-components Patch: 3.0.13 CWE-918 4 ATLAS
HIGH EXPLOIT AVAIL

mcp-atlassian: SSRF allows internal network access

CVE-2026-27826
8.2
EPSS 0.1%
Auth Bypass Prompt Injection Data Extraction Agent Plugin API
mcp-atlassian Patch: 0.17.0 CWE-918 7 ATLAS
HIGH

sagemaker: Allowlist Bypass evades input filtering

GHSA-5r2p-pjr8-7fh7
--
Code Execution Supply Chain Data Extraction Framework API
sagemaker Patch: 3.4.0 CWE-184 51 3 ATLAS
HIGH

xgrammar: security flaw enables exploitation

CVE-2026-25048
--
EPSS 0.1%
DoS Inference Framework
xgrammar Patch: 0.1.32 CWE-674 154 4 ATLAS
HIGH

fickling: Allowlist Bypass evades input filtering

GHSA-5hwf-rc88-82xm
--
Supply Chain Code Execution Framework Model
fickling Patch: 0.1.9 CWE-184 57 5 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial