AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,625

AI/ML CVEs Tracked

230

Critical

87

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited

Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 569 results — Medium severity

Severity CVE ID Summary CVSS EPSS Package Date

MEDI GHSA-wwfp-w96m-c6x8 OpenClaw: pairing DoS blocks account onboarding — — openclaw Apr 7 MEDI GHSA-h43v-27wg-5mf9 OpenClaw: pre-auth signature bypass enables pairing DoS — — openclaw Apr 7 MEDI GHSA-wpc6-37g7-8q4w OpenClaw: exec allowlist bypass via shell init-file options — — openclaw Apr 7 MEDI GHSA-42mx-vp8m-j7qh openclaw: sandbox escape via mirror mode hook execution — — openclaw Apr 7 MEDI GHSA-fwjq-xwfj-gv75 openclaw: auth bypass exposes agent session visibility — — openclaw Apr 7 MEDI GHSA-3q42-xmxv-9vfr openclaw: privilege escalation to admin voice config persistence — — openclaw Apr 7 MEDI GHSA-vjx8-8p7h-82gr openclaw: SSRF in marketplace plugin download — — openclaw Apr 7 MEDI GHSA-4g5x-2jfc-xm98 openclaw: media download bypass exhausts disk storage — — openclaw Apr 7 MEDI GHSA-h2v7-xc88-xx8c openclaw: operator scope bypass in phone arm/disarm cmds — — openclaw Apr 7 MEDI E CVE-2026-33866 MLflow: auth bypass exposes model artifacts across experiments — 0.0% mlflow Apr 7 MEDI E CVE-2026-33865 MLflow: stored XSS via MLmodel YAML artifact upload — 0.0% mlflow Apr 7 MEDI E CVE-2026-1839 HuggingFace Transformers: RCE via malicious checkpoint load 6.5 0.0% transformers Apr 7 MEDI CVE-2026-34425 OpenClaw: script preflight bypass enables unsafe exec — 0.1% openclaw Apr 6 MEDI CVE-2026-35492 kedro-datasets: path traversal enables arbitrary file write 6.5 0.0% kedro-datasets Apr 6 MEDI CVE-2026-5530 Ollama: SSRF in Model Pull API enables network pivot 6.3 0.0% — Apr 5 MEDI GHSA-mvv8-v4jj-g47j Directus: cleartext storage exposes AI API keys 6.5 — — Apr 4 MEDI CVE-2026-34755 vLLM: OOM DoS via unbounded video frame decoding 6.5 0.1% vllm Apr 3 MEDI CVE-2026-34753 vLLM: SSRF in batch API exposes cloud metadata endpoints 5.4 0.0% vllm Apr 3 MEDI CVE-2026-34052 ltiauthenticator: OAuth nonce leak causes server DoS 5.9 0.1% — Apr 3 MEDI CVE-2026-33709 JupyterHub: open redirect enables post-login phishing — 0.0% — Apr 3

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial