AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

76

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 684 results — High severity
Severity CVE ID Summary CVSS EPSS Package Date
HIGH GHSA-5hwf-rc88-82xm fickling: Allowlist Bypass evades input filtering fickling Mar 4 HIGH GHSA-wccx-j62j-r448 fickling: Protection Bypass circumvents security controls fickling Mar 4 HIGH CVE-2026-0847 A vulnerability in NLTK versions up to and... 8.6 0.1% Mar 4 HIGH E CVE-2026-27905 bentoml: security flaw enables exploitation 7.8 0.0% bentoml Mar 3 HIGH E CVE-2026-28416 gradio: SSRF allows internal network access 8.6 0.0% gradio Feb 27 HIGH E CVE-2026-28414 gradio: security flaw enables exploitation 7.5 3.2% gradio Feb 27 HIGH CVE-2026-27498 n8n: Code Injection enables RCE 8.8 0.6% n8n Feb 25 HIGH CVE-2026-27497 n8n: SQL Injection exposes database 8.8 0.1% n8n Feb 25 HIGH GHSA-mxhj-88fx-4pcv fickling: security flaw enables exploitation fickling Feb 24 HIGH E CVE-2026-2033 mlflow: Path Traversal enables file access 8.1 14.7% mlflow Feb 20 HIGH CVE-2026-2472 google-cloud-aiplatform: XSS enables session hijacking 0.1% Feb 20 HIGH CVE-2026-27001 OpenClaw: prompt injection via unsanitized workspace path 7.8 0.0% openclaw Feb 20 HIGH CVE-2026-26321 OpenClaw: path traversal enables local file exfiltration 7.5 0.0% openclaw Feb 19 HIGH E CVE-2026-26286 sillytavern: SSRF allows internal network access 8.5 0.0% Feb 19 HIGH GHSA-97f8-7cmv-76j2 picklescan: Allowlist Bypass evades input filtering picklescan Feb 18 HIGH CVE-2026-1669 keras: File Control enables path manipulation 7.5 0.0% keras Feb 11 HIGH E CVE-2026-25580 pydantic-ai: SSRF allows internal network access 8.6 0.0% pydantic-ai-slim Feb 6 HIGH CVE-2026-21893 n8n: Input Validation flaw enables exploitation 7.2 0.2% n8n Feb 4 HIGH CVE-2026-25056 n8n: Arbitrary File Upload enables RCE 8.8 0.2% n8n Feb 4 HIGH CVE-2026-25055 n8n: Path Traversal enables file access 8.1 0.2% n8n Feb 4

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial